General

  • Target

    6837972b538d2589b063de2aeb7320286a378296bbcd76d7a425bfaebfa95b73

  • Size

    330KB

  • Sample

    241015-2qvppsvhjk

  • MD5

    6da963e639ecb948a3e69c5c394421b5

  • SHA1

    c49c9dc13e9eeb09b02cd5adbb5ecd5d5ffa5721

  • SHA256

    6837972b538d2589b063de2aeb7320286a378296bbcd76d7a425bfaebfa95b73

  • SHA512

    1b4204c6d99d3d73ad4fce5bdb2bfe216899580567521bc20c97d4646c161e43a504e137c974a7d339f07e97d49084ddef8668dfcffc2f36b10128aa54978fd8

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYrZ:vHW138/iXWlK885rKlGSekcj66cio

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
