General

  • Target

    c33a5ff32a21f5caa615f5675a2106f565400e177273ee5af113c2cdfe765002N

  • Size

    327KB

  • Sample

    241010-akyqmasblf

  • MD5

    211ca5040fdd16288a52a51b0c1f6e60

  • SHA1

    15d55a233fad1c16078b5eface941e188a8e0f17

  • SHA256

    c33a5ff32a21f5caa615f5675a2106f565400e177273ee5af113c2cdfe765002

  • SHA512

    93dd629d9bb8ceedc17d9d6b3a776a8903d7be6d3660e29a3084586bab7e25c86c4ab95d5ee6ac0b073e09e2e90b4d2121f7f47ac8e2606da77f6a8e61215819

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOs:vHW138/iXWlK885rKlGSekcj66cin

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
