General

  • Target

    88d41523a59169832f153e3d1f7fd23c1fb4d311e459be7e1e40c7b139835906N

  • Size

    327KB

  • Sample

    241010-3vt5eatbrh

  • MD5

    f0ce3f8e6616d5969fd289d8c7c24d30

  • SHA1

    e59557a329d01aa73c630f731a52a60a0ddf2f2b

  • SHA256

    88d41523a59169832f153e3d1f7fd23c1fb4d311e459be7e1e40c7b139835906

  • SHA512

    dca9d1925766c9f1d08a1783c4b3ebbc55c296453fb9d0e972dc2f28552054839c3d5c25e9e7357874c97edd76a1b5afc70cddf1f3838c53965b21665fab22aa

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY0:vHW138/iXWlK885rKlGSekcj66cih

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      88d41523a59169832f153e3d1f7fd23c1fb4d311e459be7e1e40c7b139835906N

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
