Overview

overview

10

Static

static

7

1342698049...02.exe

windows7-x64

10

1342698049...02.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    13426980493b1ade6c5e36e080f2fec6afe429e9301a98818989b7fa455c7e02

  • Size

    58KB

  • Sample

    240828-xnxn3a1djf

  • MD5

    122ad54f0cf8aeaf670461c8f76de7bf

  • SHA1

    336b85ba6902cafb7d02e1cd1f80b67bad1e961f

  • SHA256

    13426980493b1ade6c5e36e080f2fec6afe429e9301a98818989b7fa455c7e02

  • SHA512

    6ee6659bf70e6fc6c82579864fb53d4fb3cc507e9dfb13745b7d93a5e0ae8148e267fa718dad7faba0b755dabaf115761946e05ceb2407060626807d69da037f

  • SSDEEP

    1536:6W82C0Db1edMckBI1kmJAhTPY6pnouy8Dm:6n25DbaMySmJAhbvoutC

Score
10/10
urelasdiscoverytrojanupx

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      13426980493b1ade6c5e36e080f2fec6afe429e9301a98818989b7fa455c7e02

    • Size

      58KB

    • MD5

      122ad54f0cf8aeaf670461c8f76de7bf

    • SHA1

      336b85ba6902cafb7d02e1cd1f80b67bad1e961f

    • SHA256

      13426980493b1ade6c5e36e080f2fec6afe429e9301a98818989b7fa455c7e02

    • SHA512

      6ee6659bf70e6fc6c82579864fb53d4fb3cc507e9dfb13745b7d93a5e0ae8148e267fa718dad7faba0b755dabaf115761946e05ceb2407060626807d69da037f

    • SSDEEP

      1536:6W82C0Db1edMckBI1kmJAhTPY6pnouy8Dm:6n25DbaMySmJAhbvoutC

    Score
    10/10
    urelasdiscoverytrojanupx

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks