General

  • Target

    7d2b119d7cb9ed16f0367f444331cccbae5c5092032887561ff660c95472f2f8N

  • Size

    332KB

  • Sample

    241103-d8et7sthmn

  • MD5

    f6635ac29f607998a4c7725fd5eede20

  • SHA1

    cc6eeea7c353e6010700722b37c7a77eb649ccfb

  • SHA256

    7d2b119d7cb9ed16f0367f444331cccbae5c5092032887561ff660c95472f2f8

  • SHA512

    07f5074208431a97fe3844bc21c10e2ccfeb3ca480f9ed4076592715c8d64c01773129a26545585dad671b54f84b57c2b67a6708cfad05dc83353c3ec191d9af

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVr:vHW138/iXWlK885rKlGSekcj66ciEr

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      7d2b119d7cb9ed16f0367f444331cccbae5c5092032887561ff660c95472f2f8N

    • Size

      332KB

    • MD5

      f6635ac29f607998a4c7725fd5eede20

    • SHA1

      cc6eeea7c353e6010700722b37c7a77eb649ccfb

    • SHA256

      7d2b119d7cb9ed16f0367f444331cccbae5c5092032887561ff660c95472f2f8

    • SHA512

      07f5074208431a97fe3844bc21c10e2ccfeb3ca480f9ed4076592715c8d64c01773129a26545585dad671b54f84b57c2b67a6708cfad05dc83353c3ec191d9af

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVr:vHW138/iXWlK885rKlGSekcj66ciEr

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks