Overview

overview

10

Static

static

3

8564dc090e...0a.exe

windows7-x64

10

8564dc090e...0a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8564dc090e561991f2a43ed44dae5610ca82ca9e87a1f3d093ded3fe78b2830a

  • Size

    6.4MB

  • Sample

    240731-bmz7xayfln

  • MD5

    8ed0d73e075de1ced86005ec0de71716

  • SHA1

    9a1dd2d7b84d68d212855da11a9f71d4410e76f3

  • SHA256

    8564dc090e561991f2a43ed44dae5610ca82ca9e87a1f3d093ded3fe78b2830a

  • SHA512

    47c22160935dc479c3e41469fb8200a13537f9da7f4bf1a4fcb14510440a74610ea5d1442a75222e2588692c47b68deb990b94a96dd814e0a496253802f3617d

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSj:i0LrA2kHKQHNk3og9unipQyOaOj

Score
10/10
urelasdiscoverytrojanupx

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      8564dc090e561991f2a43ed44dae5610ca82ca9e87a1f3d093ded3fe78b2830a

    • Size

      6.4MB

    • MD5

      8ed0d73e075de1ced86005ec0de71716

    • SHA1

      9a1dd2d7b84d68d212855da11a9f71d4410e76f3

    • SHA256

      8564dc090e561991f2a43ed44dae5610ca82ca9e87a1f3d093ded3fe78b2830a

    • SHA512

      47c22160935dc479c3e41469fb8200a13537f9da7f4bf1a4fcb14510440a74610ea5d1442a75222e2588692c47b68deb990b94a96dd814e0a496253802f3617d

    • SSDEEP

      98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSj:i0LrA2kHKQHNk3og9unipQyOaOj

    Score
    10/10
    urelasdiscoverytrojanupx

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks