General

  • Target

    4c52f2994fd58cde45cd64c45b94caf309464c54594fddd183f7f55f365c7f2aN

  • Size

    334KB

  • Sample

    241017-fztywaxbqp

  • MD5

    34838aa37e073454814bdf60669cbfb0

  • SHA1

    f6a47f2b5cfaf9e22c765bda2e8ec1747dec03e7

  • SHA256

    4c52f2994fd58cde45cd64c45b94caf309464c54594fddd183f7f55f365c7f2a

  • SHA512

    d0791a66dbdd61e60b940dbe433aa2cd4c56ae0b382fbd879d13b4b2b24c25b804ec774696ff427cfc47806b09c700ee1971da61888098a119fd5e9543c048c4

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYL:vHW138/iXWlK885rKlGSekcj66cia

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      4c52f2994fd58cde45cd64c45b94caf309464c54594fddd183f7f55f365c7f2aN

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
