Overview

overview

10

Static

static

10

6bcf44dcf3...18.exe

windows7-x64

10

6bcf44dcf3...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bcf44dcf33adebd1a5bf1b1030f7769_JaffaCakes118

  • Size

    494KB

  • Sample

    241022-zazbvasfka

  • MD5

    6bcf44dcf33adebd1a5bf1b1030f7769

  • SHA1

    81ef122ccad66a0864e610130c9b465683e4700d

  • SHA256

    e211f2a9ce1eb38bcdd333c9a88ee74760f600dabb0aba9012c61e9e6ed8bacf

  • SHA512

    4af058284ae1a39aede135eecbc63c8d58f34514c7425f3e405da1f7f6845c7563c4ed2aaf52a1dd25d3a4d7a4a0523cd5b495cd4d1eb39281d2122eb31eb846

  • SSDEEP

    6144:NKLOgsgomKLEFESGz0SPpeEPkPDPrzgtRY5RdrHc13FG9ItU6GvPwK:AOgwmisETzuaeDPvjJ81VGqK6GvP7

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      6bcf44dcf33adebd1a5bf1b1030f7769_JaffaCakes118

    • Size

      494KB

    • MD5

      6bcf44dcf33adebd1a5bf1b1030f7769

    • SHA1

      81ef122ccad66a0864e610130c9b465683e4700d

    • SHA256

      e211f2a9ce1eb38bcdd333c9a88ee74760f600dabb0aba9012c61e9e6ed8bacf

    • SHA512

      4af058284ae1a39aede135eecbc63c8d58f34514c7425f3e405da1f7f6845c7563c4ed2aaf52a1dd25d3a4d7a4a0523cd5b495cd4d1eb39281d2122eb31eb846

    • SSDEEP

      6144:NKLOgsgomKLEFESGz0SPpeEPkPDPrzgtRY5RdrHc13FG9ItU6GvPwK:AOgwmisETzuaeDPvjJ81VGqK6GvP7

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks