General

  • Target

    0169c49a76f073b6b78511be88d7d0d7626e7a415592530a359a7106dc6a0b32N

  • Size

    64KB

  • Sample

    241017-jgy2naxhke

  • MD5

    06dcc9405e988cef545ac6cfff618f40

  • SHA1

    30f8c626f31a6cce8e9bef695c0abd71339a8834

  • SHA256

    0169c49a76f073b6b78511be88d7d0d7626e7a415592530a359a7106dc6a0b32

  • SHA512

    8d0defd9e434671a54a18d97b3029daaf6432b94fea7c77f5b44ae51b4557459e3ffad68fe80d3512b91f200ef14b9acb604a60fbe8f949a6126465f414c77c5

  • SSDEEP

    1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTm/X:6bQRSHpAvzyf7MzeTYX

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
