General

  • Target

    574bca65b0b385c9649f0d5cc3e0f58b9e912fbe60beaec3285f356dae7cc53eN

  • Size

    326KB

  • Sample

    241010-db7tqawane

  • MD5

    1416eb2f60da2ab33c379f839d691530

  • SHA1

    05d3c46c2d9472057e2a6360c52cc74c7a5401e2

  • SHA256

    574bca65b0b385c9649f0d5cc3e0f58b9e912fbe60beaec3285f356dae7cc53e

  • SHA512

    101788c550a02ae6ebc44b13affaa74107d8c21279e681868c4af11c018349ca10d5040381ccfc9ac22c0a77031d652d2456955d4fdea153e74bc81d20493042

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOq:vHW138/iXWlK885rKlGSekcj66ciJ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
