General

  • Target

    69aca99423d2451b97698d929a180fe0d040903ffece27a963da9f8162f1c3c8N

  • Size

    333KB

  • Sample

    241010-tbee6syfmm

  • MD5

    a12fcfbcd31bed8a0b7c5e033360f3f0

  • SHA1

    3811b72ee0ec7f419af48b7247f6a09656404d60

  • SHA256

    69aca99423d2451b97698d929a180fe0d040903ffece27a963da9f8162f1c3c8

  • SHA512

    fd106a2f96c78d7f7bca4776811d8538deed6f86842271561c4a0480b3056577447e5cee962ea159736a70d071c723ff73a70549207db26b6a2d537fbf336284

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYE:vHW138/iXWlK885rKlGSekcj66ciR

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
