General
Target: e8f19f777f0a7fd6c3e4ef59c0f2075c68778158dc8bed6c756ca103453901a0N
Size: 447KB
Sample: 241104-rbz1rs1aqc
MD5: 4ef67d935d3f16ccf748c6f50c023900
SHA1: 25af3f55bb0f0d3f79e9cb806d0263e41a4a06ff
SHA256: e8f19f777f0a7fd6c3e4ef59c0f2075c68778158dc8bed6c756ca103453901a0
SHA512: 8ce2ffe057a36d33569fe3f53a170a8d699f1a78a1c40e791e5be4ae94fdb86d120d2c1224e0d0156d97a358373350f226dbc004c91774643120c8919669778a
SSDEEP: 6144:CEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFS:CMpASIcWYx2U6hAJQnh
Behavioral task: behavioral1
Sample: e8f19f777f0a7fd6c3e4ef59c0f2075c68778158dc8bed6c756ca103453901a0N.exe
Resource: win7-20240903-en
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
Urelas family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL