General

  • Target

    510ec327655bc4dfb2f9bbc09447586cd0ebfb3bfe1f1745222ee23287be7f17

  • Size

    331KB

  • Sample

    241017-1pqtpa1frp

  • MD5

    b2de6018fc625f405770446cd571e05b

  • SHA1

    5e3148ab3c2215a2e2b1860b83df3c09122da907

  • SHA256

    510ec327655bc4dfb2f9bbc09447586cd0ebfb3bfe1f1745222ee23287be7f17

  • SHA512

    1b9565539b7bbffff074b5cd8162d4599677e86d84adb491f7392e6c74e3a7c44610f288ee8e77876e369c4f679a47e970238bd4a8db580210646d791e1dc3a0

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYM:vHW138/iXWlK885rKlGSekcj66ciZ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      510ec327655bc4dfb2f9bbc09447586cd0ebfb3bfe1f1745222ee23287be7f17

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
