Overview

overview

10

Static

static

10

2024-11-01...ot.exe

windows7-x64

10

2024-11-01...ot.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-01_5381e8088a4d5443a40e1316522f8b79_magniber_qakbot

  • Size

    4.7MB

  • Sample

    241101-y81f5atjgw

  • MD5

    5381e8088a4d5443a40e1316522f8b79

  • SHA1

    6004d42dc5828991c18bce4d18b03991d04b39f5

  • SHA256

    135807bfc79183f8064315a6b2086ee0933d1f5b44c1e3ab20fbe9824ece90a4

  • SHA512

    9438062848f45b92442e68ec86c5273823af740f64c142b353b19f057d1d607f96021595c573fa3ad319b9a27513f70ee4263f22b1e2115f335305c6026ee5b4

  • SSDEEP

    49152:a2V7djp+oE2ZjHoZB6EZ88JUUXIEABMRviTURcI:a2V7NpW6Y6joUE

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.30.235

121.88.5.181

112.223.217.101

Targets

    • Target

      2024-11-01_5381e8088a4d5443a40e1316522f8b79_magniber_qakbot

    • Size

      4.7MB

    • MD5

      5381e8088a4d5443a40e1316522f8b79

    • SHA1

      6004d42dc5828991c18bce4d18b03991d04b39f5

    • SHA256

      135807bfc79183f8064315a6b2086ee0933d1f5b44c1e3ab20fbe9824ece90a4

    • SHA512

      9438062848f45b92442e68ec86c5273823af740f64c142b353b19f057d1d607f96021595c573fa3ad319b9a27513f70ee4263f22b1e2115f335305c6026ee5b4

    • SSDEEP

      49152:a2V7djp+oE2ZjHoZB6EZ88JUUXIEABMRviTURcI:a2V7NpW6Y6joUE

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks