General

  • Target

    dd62a6299a5359622ccf303ec6d06590N.exe

  • Size

    324KB

  • Sample

    240804-bwfvmawglg

  • MD5

    dd62a6299a5359622ccf303ec6d06590

  • SHA1

    6adb5b4cc9ad295ae0c6ca1e6c69192eece6c1df

  • SHA256

    1e50810a6924c6022468202efa2f9a1b04e5ddc28ee63b162b85d9bdcc662103

  • SHA512

    16b9093261750f9fa454e8ff47d652ca01e98ce3bced7486a6be25d2a1a83606fb296d6e4e8b9f22e393bbdedfa45b446e9bfc68314a6a3355e62fff3af257d0

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9:vHW138/iXWlK885rKlGSekcj66cik

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      dd62a6299a5359622ccf303ec6d06590N.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
