General

  • Target

    b54c05d5802bcb94ba9dab24b0935ae4002e7dc411d0421b5b965d7f80eb1fb5N

  • Size

    327KB

  • Sample

    241011-cer21avdkl

  • MD5

    6ce8a66407d85c6fb40cbc062c5ca040

  • SHA1

    721e45296f898055c7c2ac5c47bf40ae8220423c

  • SHA256

    b54c05d5802bcb94ba9dab24b0935ae4002e7dc411d0421b5b965d7f80eb1fb5

  • SHA512

    ea79b32b062a8c1eef2b65fc42f06ad53e38ba3f4ea8222cf45e9e1399e58afd9f9313109b0e0e3143a4ff93b0a2da07db8c5339ed8f06482d8ea4ff7d22b478

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY8:vHW138/iXWlK885rKlGSekcj66ciV

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
