Overview

overview

10

Static

static

3

0964a0f9cc...d1.exe

windows7-x64

10

0964a0f9cc...d1.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0964a0f9cc43efaa5d9e251343a5d5b839fc2254bcaf7b670b3bf03cf6333cd1

  • Size

    333KB

  • Sample

    241004-w3dztsygrq

  • MD5

    d2f8aab08fd9c39a7744989ca6dc1463

  • SHA1

    a49b9433124123b56518c7aa83f4dcc0a62e2fc5

  • SHA256

    0964a0f9cc43efaa5d9e251343a5d5b839fc2254bcaf7b670b3bf03cf6333cd1

  • SHA512

    9a96cfd32877c3d320dae2c732ec38949de331b63fb9e75cd95c52be1fab379a2e73cd0ab9e39595782a3d2e5c10a69f8c27c4c6d0959ec6f254d3c78caa9b1b

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9:vHW138/iXWlK885rKlGSekcj66ciM

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      0964a0f9cc43efaa5d9e251343a5d5b839fc2254bcaf7b670b3bf03cf6333cd1

    • Size

      333KB

    • MD5

      d2f8aab08fd9c39a7744989ca6dc1463

    • SHA1

      a49b9433124123b56518c7aa83f4dcc0a62e2fc5

    • SHA256

      0964a0f9cc43efaa5d9e251343a5d5b839fc2254bcaf7b670b3bf03cf6333cd1

    • SHA512

      9a96cfd32877c3d320dae2c732ec38949de331b63fb9e75cd95c52be1fab379a2e73cd0ab9e39595782a3d2e5c10a69f8c27c4c6d0959ec6f254d3c78caa9b1b

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9:vHW138/iXWlK885rKlGSekcj66ciM

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks