General

  • Target

    0f923ac47b8a8496fca66baa531399e93aeef21281b68e96dc165222a5870df4N

  • Size

    327KB

  • Sample

    241010-xyydcasaqb

  • MD5

    7a1d189642085fc322c7cd48f85bae60

  • SHA1

    17daae6e2a16b464e781272d991697c4de667d99

  • SHA256

    0f923ac47b8a8496fca66baa531399e93aeef21281b68e96dc165222a5870df4

  • SHA512

    42008a39695f3c379e83b116d0aacf67d3e8902918d1e58d7fd96ee7b1b67cb76cc595b09c7be9cd6a03edd312f91c46001a8cdd493081ea9ecd4203ea406b0e

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYW:vHW138/iXWlK885rKlGSekcj66ciz

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      0f923ac47b8a8496fca66baa531399e93aeef21281b68e96dc165222a5870df4N

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
