Overview

overview

10

Static

static

3

aafe069fc7...b9.exe

windows7-x64

10

aafe069fc7...b9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aafe069fc73e8c55035202c6e11e25beacc81d61fd2cc3e9e296adf7a5a6f1b9

  • Size

    325KB

  • Sample

    241025-ea79javdll

  • MD5

    c5712fdd41b0abaa241a789f2ad46907

  • SHA1

    1c7a147606481531c7f254f816b4dee8bc65f302

  • SHA256

    aafe069fc73e8c55035202c6e11e25beacc81d61fd2cc3e9e296adf7a5a6f1b9

  • SHA512

    96752038b10dea6f0ac943b354ca3f60001f0198a9d498096e873b13bf32db1448895a3753ac327dcedaa92247e373afbadb2627bbd9dd2eb5218a3c936efd01

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY2:vHW138/iXWlK885rKlGSekcj66ciL

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      aafe069fc73e8c55035202c6e11e25beacc81d61fd2cc3e9e296adf7a5a6f1b9

    • Size

      325KB

    • MD5

      c5712fdd41b0abaa241a789f2ad46907

    • SHA1

      1c7a147606481531c7f254f816b4dee8bc65f302

    • SHA256

      aafe069fc73e8c55035202c6e11e25beacc81d61fd2cc3e9e296adf7a5a6f1b9

    • SHA512

      96752038b10dea6f0ac943b354ca3f60001f0198a9d498096e873b13bf32db1448895a3753ac327dcedaa92247e373afbadb2627bbd9dd2eb5218a3c936efd01

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY2:vHW138/iXWlK885rKlGSekcj66ciL

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks