Overview

overview

10

Static

static

3

31d4154d1b...b4.exe

windows7-x64

10

31d4154d1b...b4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31d4154d1b40a3f60a49701535d857bde631e61f79e5f52aadf7e0789c29b0b4

  • Size

    332KB

  • Sample

    241026-yhr23awkfr

  • MD5

    76f5fdf8b29d6d325a2954eb9affd758

  • SHA1

    738271ce6399a06456279ae22117905ab63fe4dc

  • SHA256

    31d4154d1b40a3f60a49701535d857bde631e61f79e5f52aadf7e0789c29b0b4

  • SHA512

    5a3ff505f249bf294e540d1d336a0543f8057bc3b6fa5e7b346f05bf7e88894ef599f11b1ce03e0b81fe66c10ec7ee94bf6c95f7983af5f1ca27b69ac498a090

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYr5:vHW138/iXWlK885rKlGSekcj66ci8

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      31d4154d1b40a3f60a49701535d857bde631e61f79e5f52aadf7e0789c29b0b4

    • Size

      332KB

    • MD5

      76f5fdf8b29d6d325a2954eb9affd758

    • SHA1

      738271ce6399a06456279ae22117905ab63fe4dc

    • SHA256

      31d4154d1b40a3f60a49701535d857bde631e61f79e5f52aadf7e0789c29b0b4

    • SHA512

      5a3ff505f249bf294e540d1d336a0543f8057bc3b6fa5e7b346f05bf7e88894ef599f11b1ce03e0b81fe66c10ec7ee94bf6c95f7983af5f1ca27b69ac498a090

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYr5:vHW138/iXWlK885rKlGSekcj66ci8

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks