General

  • Target

    4c2dffad0ff5ad25aaaa9d5cbc7ff063_JaffaCakes118

  • Size

    240KB

  • Sample

    241016-kwy6mswflm

  • MD5

    4c2dffad0ff5ad25aaaa9d5cbc7ff063

  • SHA1

    d8f021c7d5ed1165f933ec3ad3f41c1329999e88

  • SHA256

    13f709341afa701ee14a717111170bd4f0f2233a485ea058932e8b82e20e8f3d

  • SHA512

    cd579a15d7809c7ba67aa7485d7f9d3d3a802185867ed4fb2ca4b2fe9b423b562c000dc839c9673038f7bace11d7fd6971533080e00fd128793b662d41ac89db

  • SSDEEP

    3072:K8ASpvo0LKrXEX65ezpxJ2kbJ7mv73E2o/9sY2Z:ZASpvo0LKkRzpxJ2kRqroiZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
