General

  • Target

    22aa3d37f782c0d939ceaeeac50b9bd70a35a713227c09e6b0b3643f365a7f7cN

  • Size

    328KB

  • Sample

    241010-nzzs5a1aln

  • MD5

    dc90fec79d12b25f2cd58ca55e41d990

  • SHA1

    426584b6abcc20746700eec13f16acde9ae9fc76

  • SHA256

    22aa3d37f782c0d939ceaeeac50b9bd70a35a713227c09e6b0b3643f365a7f7c

  • SHA512

    234d8c2b213285f48889ecbd9f3391b3225206eee6b8851da44642210df69ce978d938a76825cf39588b9b28cf1bb0576bded91e3da13b18a9f15673725d4c6f

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOa:vHW138/iXWlK885rKlGSekcj66cip

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      22aa3d37f782c0d939ceaeeac50b9bd70a35a713227c09e6b0b3643f365a7f7cN

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
