General

  • Target

    a009476ce96770e6f7c424ab10a5186a08585bd72a47b697fb6fc1e35f77d7bb

  • Size

    64KB

  • Sample

    241016-cblqtaxapa

  • MD5

    f189efad620b0852e08522e90ea7b141

  • SHA1

    9f665e0dcdd292a1dde9f47037ac2225b0aa0f29

  • SHA256

    a009476ce96770e6f7c424ab10a5186a08585bd72a47b697fb6fc1e35f77d7bb

  • SHA512

    afeafd8124989dcc6d6d498c2e3922cc0eaa998d4705e4f739077205f762fe2e642cbf32eb2b40b6c6a8cf42df3b5d926b85fc3e8cfc46b44f40682a6aacb101

  • SSDEEP

    1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTm/Hk:6bQRSHpAvzyf7MzeTYE

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
