General

  • Target

    592e645038130e63a594a538c582b0e5199e98b69b37e02a519d992057923a85N

  • Size

    64KB

  • Sample

    241010-hz3bcswfkl

  • MD5

    d27471c9ff42317ca271aa39994507f0

  • SHA1

    59f75fb1774745da00e4b8d44efe3d32bfcbf45f

  • SHA256

    592e645038130e63a594a538c582b0e5199e98b69b37e02a519d992057923a85

  • SHA512

    4c8f576fb5e6eb9992f26c1abfff1129754623f0776c3c48e239c10a00a3545783bea42528915e3e79b3d1ec201552d8ab86f648d4305aa6f1169b6ee709898b

  • SSDEEP

    1536:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdQouZH3:K0GAqjuVZ6rNOFu53

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
