Overview

overview

10

Static

static

3

85ad1f0868...7N.exe

windows7-x64

10

85ad1f0868...7N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    85ad1f0868253573149bb2af7c543e4295bf0b8cadc35c59aa815e6607a76f67N

  • Size

    332KB

  • Sample

    241108-hjvataxgjh

  • MD5

    2051ab14fc2806545ff87e3072363180

  • SHA1

    c9bec8f7cb4acc93ac8375034945e067cda2e563

  • SHA256

    85ad1f0868253573149bb2af7c543e4295bf0b8cadc35c59aa815e6607a76f67

  • SHA512

    a1b181a60e10734927aad84d3a1f530111b82be37ab21dd169f4145e91e4df1f55cf8d0d2fc46158bf7a5f8a8c8256b86a4223f402dedc1d3e184a24dbd39ff1

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYq:vHW138/iXWlK885rKlGSekcj66cib

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      85ad1f0868253573149bb2af7c543e4295bf0b8cadc35c59aa815e6607a76f67N

    • Size

      332KB

    • MD5

      2051ab14fc2806545ff87e3072363180

    • SHA1

      c9bec8f7cb4acc93ac8375034945e067cda2e563

    • SHA256

      85ad1f0868253573149bb2af7c543e4295bf0b8cadc35c59aa815e6607a76f67

    • SHA512

      a1b181a60e10734927aad84d3a1f530111b82be37ab21dd169f4145e91e4df1f55cf8d0d2fc46158bf7a5f8a8c8256b86a4223f402dedc1d3e184a24dbd39ff1

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYq:vHW138/iXWlK885rKlGSekcj66cib

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks