General

  • Target

    b82f137eb06547d05186d7a767b5360bc32b3fc0129cef8c2a8593ea2159dfa8N

  • Size

    327KB

  • Sample

    241016-qthzjasanc

  • MD5

    53a7b71b884682e9e207ef306f6aed30

  • SHA1

    106f5bb08d8ecbdc9d790fa95e95bcad79d55b9e

  • SHA256

    b82f137eb06547d05186d7a767b5360bc32b3fc0129cef8c2a8593ea2159dfa8

  • SHA512

    ae137a66abe590c3497d330bd1de5a9230b41acc454c1d3bf0537d90a8b2ed114385904cb540148aa0ddf6fbed4f488a91bd6388352eb1b6060403af80112537

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOM:vHW138/iXWlK885rKlGSekcj66ciL

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
