Overview

overview

10

Static

static

3

2c2cc71c4e...18.exe

windows7-x64

10

2c2cc71c4e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c2cc71c4e3075d4cfce5efa94e45ed2_JaffaCakes118

  • Size

    59KB

  • Sample

    240708-nnentawhpn

  • MD5

    2c2cc71c4e3075d4cfce5efa94e45ed2

  • SHA1

    a1b01ea1e74c53a47f344af2e538aef9823772aa

  • SHA256

    9de977476dcea4fd3bd8dbd894f510f3eac2a34017aefea3f84415b686b2dea8

  • SHA512

    de6640bfecacd87d95f8f810198753608b85d1b84ad394047dcb0af149bf7d5f6dee8f20be1e20b0014c85b3ef9ad64b4d44717c7cca9165ac8f5a2d85b4e294

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP/:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdG

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      2c2cc71c4e3075d4cfce5efa94e45ed2_JaffaCakes118

    • Size

      59KB

    • MD5

      2c2cc71c4e3075d4cfce5efa94e45ed2

    • SHA1

      a1b01ea1e74c53a47f344af2e538aef9823772aa

    • SHA256

      9de977476dcea4fd3bd8dbd894f510f3eac2a34017aefea3f84415b686b2dea8

    • SHA512

      de6640bfecacd87d95f8f810198753608b85d1b84ad394047dcb0af149bf7d5f6dee8f20be1e20b0014c85b3ef9ad64b4d44717c7cca9165ac8f5a2d85b4e294

    • SSDEEP

      768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP/:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdG

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks