General
-
Target
a02590ad14d94dcf9ba40fddad1a8870N
-
Size
56KB
-
Sample
240913-1nxkva1aml
-
MD5
a02590ad14d94dcf9ba40fddad1a8870
-
SHA1
bed8a28e3aad487220072d29aef687019ded3b25
-
SHA256
5d3f26b87a6fa15319a62537d81b62de1decb441477cb7403bddc50d35e11636
-
SHA512
85cc093c298af5ff06aaa22311cbbbd5f93b3e2449cc7cc7b33a229f4418a99144394ad7f21cad4955278632d6d67d0fe398e7538a81d42b3baf9c0ffe61d704
-
SSDEEP
1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHj:vMhAe5Zs091KI+JYixw49XjrM
Malware Config
Extracted
urelas
218.54.47.76
218.54.47.77
218.54.47.74
Targets
-
-
Target
a02590ad14d94dcf9ba40fddad1a8870N
-
Size
56KB
-
MD5
a02590ad14d94dcf9ba40fddad1a8870
-
SHA1
bed8a28e3aad487220072d29aef687019ded3b25
-
SHA256
5d3f26b87a6fa15319a62537d81b62de1decb441477cb7403bddc50d35e11636
-
SHA512
85cc093c298af5ff06aaa22311cbbbd5f93b3e2449cc7cc7b33a229f4418a99144394ad7f21cad4955278632d6d67d0fe398e7538a81d42b3baf9c0ffe61d704
-
SSDEEP
1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHj:vMhAe5Zs091KI+JYixw49XjrM
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-