Overview

overview

10

Static

static

3

1feeeddd0a...9N.exe

windows7-x64

10

1feeeddd0a...9N.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1feeeddd0aa1b1341e96df8e53dd2d0463381912904963010457eb64fed5d7f9N

  • Size

    330KB

  • Sample

    241026-act3gaxglp

  • MD5

    1a26985e3b7ebd599e917917c69ca6c0

  • SHA1

    7677bc55939679a99053a9c9f795a63e717176b2

  • SHA256

    1feeeddd0aa1b1341e96df8e53dd2d0463381912904963010457eb64fed5d7f9

  • SHA512

    018e9d5154c48ced5cb6506075e52cc3d65e96372ab6b40ca70e1d7c0555ec7c0a36a2ea7b860211f63e0f83edde28f9aae32cc658af650edcfbab74675eeaea

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVP:vHW138/iXWlK885rKlGSekcj66ciEP

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      1feeeddd0aa1b1341e96df8e53dd2d0463381912904963010457eb64fed5d7f9N

    • Size

      330KB

    • MD5

      1a26985e3b7ebd599e917917c69ca6c0

    • SHA1

      7677bc55939679a99053a9c9f795a63e717176b2

    • SHA256

      1feeeddd0aa1b1341e96df8e53dd2d0463381912904963010457eb64fed5d7f9

    • SHA512

      018e9d5154c48ced5cb6506075e52cc3d65e96372ab6b40ca70e1d7c0555ec7c0a36a2ea7b860211f63e0f83edde28f9aae32cc658af650edcfbab74675eeaea

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVP:vHW138/iXWlK885rKlGSekcj66ciEP

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks