General

  • Target

    4d9a8a5f9a6d73293743449fb8686594012f7ca65b27a5c906b725d28d089d00N

  • Size

    333KB

  • Sample

    241011-a8fjys1fll

  • MD5

    d885e90a6d33cc24efc2e181264a4970

  • SHA1

    1af5348b55477b3e9fec2a5d7571009e76fcf4f9

  • SHA256

    4d9a8a5f9a6d73293743449fb8686594012f7ca65b27a5c906b725d28d089d00

  • SHA512

    245bb0e7514fdca0bd25be9ec712fea424ca9f91d1af6325d5779ebaa34124c03ef20e87ba17557ff143a1fc99064ab7a01bf7fd38bcbdb447284ff30163ddd9

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYO:vHW138/iXWlK885rKlGSekcj66cin

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
