Overview

overview

10

Static

static

3

7cf6fe6850...0N.exe

windows7-x64

10

7cf6fe6850...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7cf6fe68506a60a41cc6f0902221f060N.exe

  • Size

    66KB

  • Sample

    240716-gsmfwsyakj

  • MD5

    7cf6fe68506a60a41cc6f0902221f060

  • SHA1

    ac94ee16adf2a23aa6fd7c268d9d73587dd53ff3

  • SHA256

    5a4047f7489da6ba2101eeb6003e0e255ef8dadb49585b03c412eb14eb6e1238

  • SHA512

    bb9ef7836644688363deda85968f70d37907dbd390230178cea317b14941c66e3de4eaeec2fc0f49e0d6767ae7d8aeb19165d93322b3c94aa95618a0b8034fd1

  • SSDEEP

    1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeb:l//AjMp+u2onejH2Peb

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      7cf6fe68506a60a41cc6f0902221f060N.exe

    • Size

      66KB

    • MD5

      7cf6fe68506a60a41cc6f0902221f060

    • SHA1

      ac94ee16adf2a23aa6fd7c268d9d73587dd53ff3

    • SHA256

      5a4047f7489da6ba2101eeb6003e0e255ef8dadb49585b03c412eb14eb6e1238

    • SHA512

      bb9ef7836644688363deda85968f70d37907dbd390230178cea317b14941c66e3de4eaeec2fc0f49e0d6767ae7d8aeb19165d93322b3c94aa95618a0b8034fd1

    • SSDEEP

      1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeb:l//AjMp+u2onejH2Peb

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks