General

  • Target

    ab6691804969a4277076eaaa2527cc6aad60d15a7a2cd4e5153d13ac6e4362a6N

  • Size

    323KB

  • Sample

    241016-bb42qavblb

  • MD5

    e500ce29fc7e0c9e87a56711fbfe65d0

  • SHA1

    5bec021ed99643cb2c4e3c0ce51e904d2382cbe8

  • SHA256

    ab6691804969a4277076eaaa2527cc6aad60d15a7a2cd4e5153d13ac6e4362a6

  • SHA512

    91912f6a7b336254f53f8e9e36f8d6baf7b4856a6b2732660b5726080ae0fce06dcce7cb5ff3e02d6cdaf795e49509f9595e262cdd40378ebee6ec2800833fe5

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY+:vHW138/iXWlK885rKlGSekcj66cib

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
