General

  • Target

    c0f04995787c4015d01560fab8d3875a16e2e3044db6f49607e24e6ad723a6b4

  • Size

    78KB

  • Sample

    241010-bmdznsyepr

  • MD5

    c0f566bdd9154ecb3e75186987b3c89c

  • SHA1

    f3ccc3aa64e2a7ca51c046321ef626d9dd69265f

  • SHA256

    c0f04995787c4015d01560fab8d3875a16e2e3044db6f49607e24e6ad723a6b4

  • SHA512

    b8a0491519b1aebfe63902f44f2fad1f1831544fcf8bf97ae1fd0c2eb1c23bf41a193828a49262eab1034e02b1eafa6ca561f89a1b340e3d8f5decdbbfaa91d5

  • SSDEEP

    1536:ml531xxqA3zM9ttjtt574bbp8Fm43AOEI0QdeFUU8tea:4lnhYPlVMqmyAFIRR9

Score
10/10

Malware Config

Extracted

  • Family

    urelas

  • C2

    112.175.88.208

    112.175.88.207

Targets

    • Target

      c0f04995787c4015d01560fab8d3875a16e2e3044db6f49607e24e6ad723a6b4

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
