General

  • Target

    68267e9f2ac17916fd79fa79f86afa890669ddf5c47885927363b456e20dbe92N

  • Size

    326KB

  • Sample

    241009-2eyl8awbjk

  • MD5

    30ddf53cdc022aa81d49306f478ebff0

  • SHA1

    83fc28ce5fe2b4d638bb05b8ba06862d9a1d1a35

  • SHA256

    68267e9f2ac17916fd79fa79f86afa890669ddf5c47885927363b456e20dbe92

  • SHA512

    d0191ab47e3fcf65d7566cee2c96fcc4688ceb0eb60a2ccbebb7a7a02394d20c9d3ce9cb2b1ff96c3e29c5ff0c45dee45dd5b88dfebb2dc6bd326bb6e68135c5

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOD:vHW138/iXWlK885rKlGSekcj66ciA

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      68267e9f2ac17916fd79fa79f86afa890669ddf5c47885927363b456e20dbe92N

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
