General

  • Target

    11f2c34c9da82ec866b2f0c100fcce45eb2d598aa9987af850f25c0287852a28

  • Size

    57KB

  • Sample

    241016-xedvlazcjp

  • MD5

    5288369374ca6abf64132ca9b8c68d0c

  • SHA1

    8f01d54f3628072376897e1b85479e24dab9b980

  • SHA256

    11f2c34c9da82ec866b2f0c100fcce45eb2d598aa9987af850f25c0287852a28

  • SHA512

    9c32b0a4f090d440f8af339000e94e4b2707e01c4ef9f7ab13fc4f8cba99aa0cd3f6973db928c33c876eaa2d9929ebdf0e1ed92a6f38bd672a8d56f05d1aafe8

  • SSDEEP

    1536:MQPzemdaNqAPG17k74qlmbbVgYyvxcd5jnGWqN7kS8Q:MOemdTd1o74qlmbbJ+x+IkW

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
