General

  • Target

    32a0f2d3ca4aa9e14ce137a320a98db1818328af06c0a942e4d3ee2fd1cd82f9N

  • Size

    333KB

  • Sample

    241010-d3l2bswgqa

  • MD5

    4cc440a7af7bd18f866c088845c5dc70

  • SHA1

    beca987a07fa9689536fa7e10380fbaab84a80d1

  • SHA256

    32a0f2d3ca4aa9e14ce137a320a98db1818328af06c0a942e4d3ee2fd1cd82f9

  • SHA512

    85ac49954b1935ba81c4015289b7c05036f003b77b50fcbcc57098463f3f8de4e535a2025765d30ca7455aa00e7052ec4d2c9cba1acce4b7ed1fce4e57c6b01f

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYA:vHW138/iXWlK885rKlGSekcj66ciZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      32a0f2d3ca4aa9e14ce137a320a98db1818328af06c0a942e4d3ee2fd1cd82f9N

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
