General

  • Target

    e16676727383facf51b3f6e36b543bb72402db8ebb765435cf981ea690d9e23cN

  • Size

    326KB

  • Sample

    241011-dlv8nssdmb

  • MD5

    0898443f1e68481b376e9974000f7b10

  • SHA1

    376024c5984fe1f0cf467eefa645e740f5a86666

  • SHA256

    e16676727383facf51b3f6e36b543bb72402db8ebb765435cf981ea690d9e23c

  • SHA512

    9184c255e011fd6e9823680de2106f4684cb62adcb342251f9928971b6f878526456f1b7f2e778e5872767a98c233a169c61bed5c9bd023a1df45668224ddbdf

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMO+:vHW138/iXWlK885rKlGSekcj66ciJ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
