General

  • Target

    e5db60147e4fbbf793adf3a782b2e3913252bf36610b66846381c48857b47990N

  • Size

    333KB

  • Sample

    241011-ed2adstemb

  • MD5

    90cc2019b3333f7e11c3d2d5f48c59f0

  • SHA1

    de70a4ec5c1944d13a61621bfa3085e105f66363

  • SHA256

    e5db60147e4fbbf793adf3a782b2e3913252bf36610b66846381c48857b47990

  • SHA512

    521abb6641f654c96a3ba657b485ca3687c5897deaccdb8604001cbd0ef7ef05a608c935f5bbe53a6e8289444e0b2072055dafb53dcac9cafaf5a3340b8beb6a

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYm:vHW138/iXWlK885rKlGSekcj66cir

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
