General

  • Target

    f87e5eddb3eda809b99172e27a87d780N.exe

  • Size

    70KB

  • Sample

    240804-xzwwxaxgke

  • MD5

    f87e5eddb3eda809b99172e27a87d780

  • SHA1

    bc8c48cfbd90fc0f45e9d9ae12a015b832de5d33

  • SHA256

    4beed96c08ad1d96cc0ff51824516df57f4c89bbbfb9871d927a212ce4e515f6

  • SHA512

    21068f7dc192970f9e36c056d06b719c1de35f9b2bdfca4a14e107816b3271719162ca969ba8e122691b16a3c0c0cb1ca0efa83b1cb33ff636f5f6010e563a63

  • SSDEEP

    1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawxU:yLAYUzmdD0sMQl7d7IuhCae9

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      f87e5eddb3eda809b99172e27a87d780N.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
