Overview

overview

10

Static

static

3

41e5a5dab7...ac.exe

windows7-x64

10

41e5a5dab7...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac.exe

  • Size

    97KB

  • Sample

    240705-jwexbsvdpm

  • MD5

    5b57ac4842220141fcf111864cb0ae70

  • SHA1

    1d33474614f857342667eb4e85344adba6ee4e59

  • SHA256

    41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac

  • SHA512

    d01049a835ccbb2524062b493bf12972e112fa59367a0de9d3a0a139ac0f5207e591b04783de927558b0169fde16ed071663c9c59b62d0c80151e3106ae45503

  • SSDEEP

    768:7sT6mIV9UQ/r5LU31iBool1viTneodsAqqQBsyxcStEngPFoDVmMiWFPUSGqyD0S:QT4VVJUkk4z5s8pagFoDqsWqSn4aiu

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.184

Targets

    • Target

      41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac.exe

    • Size

      97KB

    • MD5

      5b57ac4842220141fcf111864cb0ae70

    • SHA1

      1d33474614f857342667eb4e85344adba6ee4e59

    • SHA256

      41e5a5dab793c74e131b2ec313be492f84031bfc90a9a20ff3addb1b768b48ac

    • SHA512

      d01049a835ccbb2524062b493bf12972e112fa59367a0de9d3a0a139ac0f5207e591b04783de927558b0169fde16ed071663c9c59b62d0c80151e3106ae45503

    • SSDEEP

      768:7sT6mIV9UQ/r5LU31iBool1viTneodsAqqQBsyxcStEngPFoDVmMiWFPUSGqyD0S:QT4VVJUkk4z5s8pagFoDqsWqSn4aiu

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks