General

  • Target

    fb8462ca0dd0cacc53d76a67d8d2be7cc8387fcd244f28e684e367331809454f

  • Size

    333KB

  • Sample

    241016-jjncyatgqm

  • MD5

    77089133ae7005cd4fb03c53bb35a60b

  • SHA1

    7cbe4dd43eee641352d61fb9003a890709697d04

  • SHA256

    fb8462ca0dd0cacc53d76a67d8d2be7cc8387fcd244f28e684e367331809454f

  • SHA512

    359811d3a8a00a7f324318807fe250146dd8310f030a900c66fd0f5c42267342cabc849a2e8e07c2556f3c271ed3872880131ad3da2ff62e0615004e9b07c478

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYG:vHW138/iXWlK885rKlGSekcj66ciP

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
