Overview

overview

10

Static

static

7

248599fbd6...18.exe

windows7-x64

10

248599fbd6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    248599fbd64f3f93a607b00b735a842f_JaffaCakes118

  • Size

    323KB

  • Sample

    240704-ebx5yssglr

  • MD5

    248599fbd64f3f93a607b00b735a842f

  • SHA1

    bd3c0f80fb82b3f3b7305180431e0367af118d23

  • SHA256

    0247a31f22cf2c0506c26288e4a9fb685ef9a6d21aedca8d0a9073c2cd9311d3

  • SHA512

    f32ec76054cc61d9dcd7bd9314e85987e0154ff34ce4f31b3fd6fa79340bb2733ce061075285fe825e86f3274e2f22261515860523ff0451bcce236edd4b6ef3

  • SSDEEP

    6144:bNEo/rmV71+I8ZD/h/vFfhxxQO4B4tqv+Hq/On1NHwBzQ4bed76a3FoSxS:bNEo/6YnZVB1rkAqcNAzQCed7J1oSU

Score
10/10
urelastrojanupx

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      248599fbd64f3f93a607b00b735a842f_JaffaCakes118

    • Size

      323KB

    • MD5

      248599fbd64f3f93a607b00b735a842f

    • SHA1

      bd3c0f80fb82b3f3b7305180431e0367af118d23

    • SHA256

      0247a31f22cf2c0506c26288e4a9fb685ef9a6d21aedca8d0a9073c2cd9311d3

    • SHA512

      f32ec76054cc61d9dcd7bd9314e85987e0154ff34ce4f31b3fd6fa79340bb2733ce061075285fe825e86f3274e2f22261515860523ff0451bcce236edd4b6ef3

    • SSDEEP

      6144:bNEo/rmV71+I8ZD/h/vFfhxxQO4B4tqv+Hq/On1NHwBzQ4bed76a3FoSxS:bNEo/6YnZVB1rkAqcNAzQCed7J1oSU

    Score
    10/10
    urelastrojanupx

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks