General

  • Target

    224a974e4195d27016668799ef2e258a8a90b2fa2ffbf90803c04c888757a158

  • Size

    616KB

  • Sample

    241017-x3htfs1fqg

  • MD5

    4188164a4e1bf424a35bcc1b3b47ce88

  • SHA1

    66cf3c0502bc0f6059ba91582db3d8adf7ae5202

  • SHA256

    224a974e4195d27016668799ef2e258a8a90b2fa2ffbf90803c04c888757a158

  • SHA512

    75d94ed8f767cf24ebe9a2ba1c8481b6b433ee7a3c71697040bd45c80ad1d2475bc6e199f3dcef3b7a947b84aeae61602f169aa15ec9623870da2dc981b8859c

  • SSDEEP

    6144:MmbmLppYOuakYGWV5Q4XMxvQ4x1OpGcm9VQl0lM/oJ4/gupXNl:Mma6idv8zzkGHVqoq/gKNl

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
