General

  • Target

    cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437.exe

  • Size

    164KB

  • Sample

    240726-gstj7szhmm

  • MD5

    6dcfa266f1fa61e2c654eab023ee2333

  • SHA1

    9e1f2e7c59a64168e9d12464d4839a6fc834645d

  • SHA256

    cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437

  • SHA512

    185c9e64f795d1518983a1662a656de7996064753ae4a8bf374de941d948d7a7600e99e495a5c2b8284f6b2978615a9fc979ba144d01cf3f07092f50cd9305f4

  • SSDEEP

    1536:TBozpvLpc3lM8/KedqfTnB8Yux9W1jVTTZufp6kKZLVBzRIUggnZkHuoILpPhHqH:NUvLa3mfTpNuAkKZZBdBeHuoILpPKoxk

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.28.139

121.88.5.183

Targets

    • Target

      cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437.exe

    • Size

      164KB

    • MD5

      6dcfa266f1fa61e2c654eab023ee2333

    • SHA1

      9e1f2e7c59a64168e9d12464d4839a6fc834645d

    • SHA256

      cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437

    • SHA512

      185c9e64f795d1518983a1662a656de7996064753ae4a8bf374de941d948d7a7600e99e495a5c2b8284f6b2978615a9fc979ba144d01cf3f07092f50cd9305f4

    • SSDEEP

      1536:TBozpvLpc3lM8/KedqfTnB8Yux9W1jVTTZufp6kKZLVBzRIUggnZkHuoILpPhHqH:NUvLa3mfTpNuAkKZZBdBeHuoILpPKoxk

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks