General

  • Target

    5e5d62964856f96d33a59d80c3a67832cc8b255bbfb975c2704a6c1594200675N

  • Size

    597KB

  • Sample

    241010-ngc7eazfmp

  • MD5

    f9c91e2058f13e0e9585a2f79eba4bf0

  • SHA1

    913233de058e01f3d5a4240659d593c77d32e28d

  • SHA256

    5e5d62964856f96d33a59d80c3a67832cc8b255bbfb975c2704a6c1594200675

  • SHA512

    398326b16d86935d970d1cfccf38415dcf0cf2149c3f671fcca3fdd7769fb28dabbf5e0aa74c3ca550f3922423028c7826bc4c5152a678ee0af9f0cbe1bc1f64

  • SSDEEP

    6144:KzU7blKaPcbhj+bB7ktZeRnVDJm0oNjOPdInpB2:MU7MLb4BQkntwNjqdR

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
