General

  • Target

    6901b9c3046a5a94d26302d1baf3fb4d_JaffaCakes118

  • Size

    136KB

  • Sample

    240723-1cbh8szclk

  • MD5

    6901b9c3046a5a94d26302d1baf3fb4d

  • SHA1

    3c41c571181fea3015ed8ab7e5cb22d618ed871d

  • SHA256

    02137ceec3167f6cfb3ae2046a6c4837476be3739ad7a459a6b3ae286fa69aad

  • SHA512

    477254896b73c35f131915351136ee4c4fcdfd51e88782ba2c6310b197446dc34f04d9a02564e27be2e737e069fcb6114d3409c8a4bf85c3527110870ea692f7

  • SSDEEP

    1536:P/oEkqfCZ10zcT9Yh8AIXcjyz9cOXfiXGImcatMrsWjcdf6odgR5APfIc:P/5kqCxiXEcO3XfGf2tMUf6odgR5A4c

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      6901b9c3046a5a94d26302d1baf3fb4d_JaffaCakes118

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
