General
Target: 597791b3feee041864b7207c1993f552_JaffaCakes118
Size: 620KB
Sample: 240718-24vlvs1eqr
MD5: 597791b3feee041864b7207c1993f552
SHA1: 913a74bcbc4d807469d755cbfdc4bae454d9c440
SHA256: 82e0157dc94b60e27c2c3095a1e2dfe93095830591cfc06bacfd4ecfefd65d1c
SHA512: b544e0a5023f264547a1f71808e49b8e18a2b2f4ba16418221d17412d3a723a7dacfc730c4f0de39881be1d14354be9f2e41209a97816b2830007eb171377d38
SSDEEP: 6144:imbmLppYOuakYGWV5Q4XMxvQ4x1OpGcm9VQl0lM/oJ4/gupXWyr:ima6idv8zzkGHVqoq/gKWq
Behavioral task: behavioral1
Sample: 597791b3feee041864b7207c1993f552_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
Targets
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL