General

  • Target

    62cc1a1f2ae837bb84f261b27a7da8f718dee57c140843c354cadb4371f6d521N

  • Size

    332KB

  • Sample

    241010-h7mkwa1cph

  • MD5

    153d3efeb8ab598c9a4546706d3e9e10

  • SHA1

    16f0bd4cbdbc66d55d3a4c2930244b4b8a3597af

  • SHA256

    62cc1a1f2ae837bb84f261b27a7da8f718dee57c140843c354cadb4371f6d521

  • SHA512

    830ef679678d170c1c718b575a08bbd21c23d7ccd3d2014586a4db725739209e752a9ccd43340c63dc8c16bd76b978c0d13d996b7b4b53015619d32bd1bf671b

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYF:vHW138/iXWlK885rKlGSekcj66ciM

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      62cc1a1f2ae837bb84f261b27a7da8f718dee57c140843c354cadb4371f6d521N

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
