General

  • Target

    b9b941340d2f6567cc3b1cabc1ce7c6b20eaf5dff660118c3882975a4f813e1bN

  • Size

    326KB

  • Sample

    241025-x7bkya1nhw

  • MD5

    d4b7dbc86747362b43fc8a39a2d120c0

  • SHA1

    80dac6c0814990e03dfe6e01ccb2b7922414d448

  • SHA256

    b9b941340d2f6567cc3b1cabc1ce7c6b20eaf5dff660118c3882975a4f813e1b

  • SHA512

    d91831712d8f7f2eb9225bff1418dd603bceaf98379c2ba2d9fe006953c95d3fc466dbba7228374ffc5df0bea88cc5eab2f9567ea1373845d2b58c670bf0daea

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYP:vHW138/iXWlK885rKlGSekcj66ciG

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      b9b941340d2f6567cc3b1cabc1ce7c6b20eaf5dff660118c3882975a4f813e1bN

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
