General

  • Target

    6c7760f29cf975c00fea7f7613b9e1f56ec5be3f13efe45492b619c18da5de0d

  • Size

    325KB

  • Sample

    241017-21xbaa1hle

  • MD5

    8c22231613461259dc67f7aea500144c

  • SHA1

    c563e472e04ae768e99a0c015621548838f0df82

  • SHA256

    6c7760f29cf975c00fea7f7613b9e1f56ec5be3f13efe45492b619c18da5de0d

  • SHA512

    e9c0a188a1a47406b4622d8f7fed515e0d906f87f001417702d6f8db0445b0714bb32d2d7f4094ec2ef50cc0c4e4556599e7f8422045e593d5a84df9792ecea2

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYw:vHW138/iXWlK885rKlGSekcj66cih

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
