Overview

overview

10

Static

static

3

dfd1360e95...ed.exe

windows7-x64

10

dfd1360e95...ed.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfd1360e95bc793b8cff42285ed5e22c71a6a0703bf5a8ba75370671b1c8c8ed

  • Size

    331KB

  • Sample

    241025-hbfsfsxajr

  • MD5

    44aaea6211a4b73c24582501a3a99356

  • SHA1

    29d00953ac07d85add728a3c985a4aa4eeab3d68

  • SHA256

    dfd1360e95bc793b8cff42285ed5e22c71a6a0703bf5a8ba75370671b1c8c8ed

  • SHA512

    380e4c1f8eef582bcbb181a1ab5de12053a3ba0e2c289f117b80586a6a2827b7c7cda7e1589b4480505753fd8d6cac5a5684c58ff4bcb8c8b5474c0db37bad89

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYV6:vHW138/iXWlK885rKlGSekcj66ciE6

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      dfd1360e95bc793b8cff42285ed5e22c71a6a0703bf5a8ba75370671b1c8c8ed

    • Size

      331KB

    • MD5

      44aaea6211a4b73c24582501a3a99356

    • SHA1

      29d00953ac07d85add728a3c985a4aa4eeab3d68

    • SHA256

      dfd1360e95bc793b8cff42285ed5e22c71a6a0703bf5a8ba75370671b1c8c8ed

    • SHA512

      380e4c1f8eef582bcbb181a1ab5de12053a3ba0e2c289f117b80586a6a2827b7c7cda7e1589b4480505753fd8d6cac5a5684c58ff4bcb8c8b5474c0db37bad89

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYV6:vHW138/iXWlK885rKlGSekcj66ciE6

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks