General

  • Target

    52415329d2c84eee74f036aced9f8271_JaffaCakes118

  • Size

    188KB

  • Sample

    241017-q1gp2stapj

  • MD5

    52415329d2c84eee74f036aced9f8271

  • SHA1

    05b230a7649364fe3d27ee2df6db9d95f40934e8

  • SHA256

    75731837f863758ea4eb140ed324f214dafba25435f366cb2ba24f719c419b0f

  • SHA512

    652c7d3fb49d5eecdbf75649732e1f634b5b48cadf9ff2856201edb67d4a4dae9379227e26b21f1277941a5724ec19a61d0688eaf46c44869b6a5186645447f5

  • SSDEEP

    3072:u3mvqCDm+W03RB5eUp6UlD/mUKissApfA6y4YHFadg:2mvqeP33AYFIN9treHyg

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      52415329d2c84eee74f036aced9f8271_JaffaCakes118

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
