Overview

overview

10

Static

static

3

e97dbd3826...0N.exe

windows7-x64

10

e97dbd3826...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e97dbd38267aa1673465097fd7c44950N.exe

  • Size

    324KB

  • Sample

    240804-lqncmasdnq

  • MD5

    e97dbd38267aa1673465097fd7c44950

  • SHA1

    bd7996573ac804fce068a6912643062e165fc1ed

  • SHA256

    4593b6e970619e209c1f3be7e800abf01f2929fa55b18466808d74bcae2953cb

  • SHA512

    01ec21751b193d31e0a08c889fdd02e3183dd9d0626e71dc1f97b1126f7fe78080b145a09785f1f6bbf6e75fd5f3f47cf4324005d9ec99140e63e16a55cf1f0f

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYB:vHW138/iXWlK885rKlGSekcj66cis

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      e97dbd38267aa1673465097fd7c44950N.exe

    • Size

      324KB

    • MD5

      e97dbd38267aa1673465097fd7c44950

    • SHA1

      bd7996573ac804fce068a6912643062e165fc1ed

    • SHA256

      4593b6e970619e209c1f3be7e800abf01f2929fa55b18466808d74bcae2953cb

    • SHA512

      01ec21751b193d31e0a08c889fdd02e3183dd9d0626e71dc1f97b1126f7fe78080b145a09785f1f6bbf6e75fd5f3f47cf4324005d9ec99140e63e16a55cf1f0f

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYB:vHW138/iXWlK885rKlGSekcj66cis

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks