General

  • Target

    a9b55c5ae69306b3d4b470ffd6bbf439bacd08cdb4671bd34a88dfc0644335dd

  • Size

    331KB

  • Sample

    241018-b5yf2aygpd

  • MD5

    9857b767fb41b1404d83f77e59a10ea3

  • SHA1

    8433a51d823150ac5509ee42fe8b0ab89063f1bb

  • SHA256

    a9b55c5ae69306b3d4b470ffd6bbf439bacd08cdb4671bd34a88dfc0644335dd

  • SHA512

    871aca9483edb6367376b82e65f2d563a8439723dcb08365de94b3a27739be5694d7c9d6306c242aade4a919ed9d92399d299ff19548b25d6d8a5448867ce072

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYJ:vHW138/iXWlK885rKlGSekcj66ciU

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      a9b55c5ae69306b3d4b470ffd6bbf439bacd08cdb4671bd34a88dfc0644335dd

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
