General

  • Target

    7a58a6437cd79cc23d9a1692c1749a474d2c33398d16744c57b04b3823407d47N

  • Size

    6.5MB

  • Sample

    241102-xz7y6ssgpa

  • MD5

    5a0997fb887c620d2815135e9a8f9e00

  • SHA1

    b60b295c2ee512364978eb9d0dad3de46ab91a80

  • SHA256

    7a58a6437cd79cc23d9a1692c1749a474d2c33398d16744c57b04b3823407d47

  • SHA512

    99eaa2bd1e12fa9f07458930e59b66fa5e9370983df605189c6b2dc147a2389c0bf668bed010512b432f705635fa071359dbd6ae499ee7653e2649a100b70b68

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSq:i0LrA2kHKQHNk3og9unipQyOaOq

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
