General

  • Target

    27870a8bf98b12dfa3dfec8d50babc10b35f9bc9839b6b883684c08dbb116c88

  • Size

    108KB

  • Sample

    241015-ylyc9axhnl

  • MD5

    d53efa8a51eacbf51ad6083c0dcd73d3

  • SHA1

    86bd4dea82c30972a1620ee3312245e4506ab8d4

  • SHA256

    27870a8bf98b12dfa3dfec8d50babc10b35f9bc9839b6b883684c08dbb116c88

  • SHA512

    6ea99e734d8df09c71322e9d2d2b9c9d2f56262d1ac3fd12ff4aaf3db47102fd994dde3b1b8d5bd0180a4b0a22aa42ef7b9b60be90a193a955aa8ea9e3b86423

  • SSDEEP

    1536:3JoHHwAnTtIBcNCk+syhonfC3GNKcK7+sWjcd8sWL64TGFjoo:4tCc+/h0fmSid81L64TGVoo

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      27870a8bf98b12dfa3dfec8d50babc10b35f9bc9839b6b883684c08dbb116c88

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
