General

  • Target

    4b4f5e9a2cad10984ee012634bbb2d3f_JaffaCakes118

  • Size

    494KB

  • Sample

    241016-ej6r3awanj

  • MD5

    4b4f5e9a2cad10984ee012634bbb2d3f

  • SHA1

    d9810a7a26f8f1a1501b19b610f9342da9e5ec69

  • SHA256

    e8c00cc03db3019b0661af783fafcc2097adb9f016bf53841499292a07c50362

  • SHA512

    6e9e6fb5b53319928a513bbbfd20fca8588c41ce0f0953571c15e654cd8269d5d7d593af5a3f15493be4671ac41d26da485d53166b8e9b6c42f6bce0580502ce

  • SSDEEP

    6144:NKLOgsgomKLEFESGz0SPpeEPkPDPrzgtRY5RdrHc13FG9ItU6GvPwZ:AOgwmisETzuaeDPvjJ81VGqK6GvPQ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      4b4f5e9a2cad10984ee012634bbb2d3f_JaffaCakes118

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
