Overview

overview

10

Static

static

3

f5c7e36356...9N.exe

windows7-x64

10

f5c7e36356...9N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5c7e36356722df46ad34b667a8fe494696b26e079250a65bd95e2b9a05ca499N

  • Size

    333KB

  • Sample

    241109-r4c2pswfkg

  • MD5

    1e89de63483e202150fa11815df5ee70

  • SHA1

    8350fcd929ed6949b8c348bcb908898ee98ff02d

  • SHA256

    f5c7e36356722df46ad34b667a8fe494696b26e079250a65bd95e2b9a05ca499

  • SHA512

    00d2483362ab7b7f30fc4317d15df565256b05098807304189807cead37ca0848ace424a0026746b7140850e1698b4c314b15ede39c50f8fe9d32cc76f81aad3

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9m:vHW138/iXWlK885rKlGSekcj66ciWm

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      f5c7e36356722df46ad34b667a8fe494696b26e079250a65bd95e2b9a05ca499N

    • Size

      333KB

    • MD5

      1e89de63483e202150fa11815df5ee70

    • SHA1

      8350fcd929ed6949b8c348bcb908898ee98ff02d

    • SHA256

      f5c7e36356722df46ad34b667a8fe494696b26e079250a65bd95e2b9a05ca499

    • SHA512

      00d2483362ab7b7f30fc4317d15df565256b05098807304189807cead37ca0848ace424a0026746b7140850e1698b4c314b15ede39c50f8fe9d32cc76f81aad3

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XY9m:vHW138/iXWlK885rKlGSekcj66ciWm

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks