Overview

overview

10

Static

static

3

7ed99aad19...18.exe

windows7-x64

10

7ed99aad19...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7ed99aad19ee43ef507d5d1d9e39c9b3_JaffaCakes118

  • Size

    59KB

  • Sample

    241030-mn6lvs1gqd

  • MD5

    7ed99aad19ee43ef507d5d1d9e39c9b3

  • SHA1

    a67ab083bd8e5411a7d9d4fc9e2be5d9b88f7c81

  • SHA256

    40a04c7d06f0f48ea766a54a2a6d25665f02a735609c3815f9b3d8e2f317a100

  • SHA512

    1a3551834e9ab4ca4e1b4abc859c75953871d4d7db0d24943e439aee9811fdcb78809ef69bdd16c10acfb51a8ade964b14bcfbea1fdfc7b2c00e07b1f7b816fe

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP1:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdy

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      7ed99aad19ee43ef507d5d1d9e39c9b3_JaffaCakes118

    • Size

      59KB

    • MD5

      7ed99aad19ee43ef507d5d1d9e39c9b3

    • SHA1

      a67ab083bd8e5411a7d9d4fc9e2be5d9b88f7c81

    • SHA256

      40a04c7d06f0f48ea766a54a2a6d25665f02a735609c3815f9b3d8e2f317a100

    • SHA512

      1a3551834e9ab4ca4e1b4abc859c75953871d4d7db0d24943e439aee9811fdcb78809ef69bdd16c10acfb51a8ade964b14bcfbea1fdfc7b2c00e07b1f7b816fe

    • SSDEEP

      768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP1:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdy

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks