General

  • Target

    4e41dd38ae85aa7aa1770e07d8318522be0fa5807a6fb1a1faafdcd6f7e5dbfb

  • Size

    65KB

  • Sample

    241010-z1l47sxakd

  • MD5

    c5c29a65376f63494d3318e75b365913

  • SHA1

    c53aef26f369f7521d808cc0f5de93f7ee52f4b8

  • SHA256

    4e41dd38ae85aa7aa1770e07d8318522be0fa5807a6fb1a1faafdcd6f7e5dbfb

  • SHA512

    b61c2d8511ec54e618c1d68997d258c63758490ec99138d4adf245f20ce7c3354d400eada2e90895ba9b26572b5799bff1baa21eda7fff8db918a7518b82bcb0

  • SSDEEP

    1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTmUD0b:6bQRSHpAvzyf7MzeThD0b

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      4e41dd38ae85aa7aa1770e07d8318522be0fa5807a6fb1a1faafdcd6f7e5dbfb

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
