General

  • Target

    4e5e132cab972dceae4555bce432af73_JaffaCakes118

  • Size

    59KB

  • Sample

    241016-w6arksyfmk

  • MD5

    4e5e132cab972dceae4555bce432af73

  • SHA1

    36dd23e045ead02f78abddfd73ab299985ed0ed8

  • SHA256

    c9d8676deb092ea525559e1744d1b57446ee0564e1d354dbf70e9ae5f052f255

  • SHA512

    d57a684f09e7fecb00256273c7c9bedda55dd086921cc36b7bc013160c48ea25d995fe5f27860daa6a30a571e9794215ef85eedab5983bbb4ed123de3b41ee77

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPq:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdd

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
