Overview

overview

10

Static

static

3

49f3b7cd02...ed.exe

windows7-x64

10

49f3b7cd02...ed.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    49f3b7cd0257dd629a7a4ae2b7c8e77212ff1f8c735dba5eb1251e789b7928ed

  • Size

    329KB

  • Sample

    241110-17kqdszkhr

  • MD5

    8f9f1e06458b285e4c54662ce6b965e7

  • SHA1

    790ed8e8263244ac5d8943d2823f8bc63c9d6472

  • SHA256

    49f3b7cd0257dd629a7a4ae2b7c8e77212ff1f8c735dba5eb1251e789b7928ed

  • SHA512

    f21d03eb31737d42533acf496f574fceeecaf356c97fae0bdb57f4644dca6a3293ddadff908aaef21745e6108bbb163f3b73e874d215cdabaae1d05252c55a1c

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOQ:vHW138/iXWlK885rKlGSekcj66ciD

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      49f3b7cd0257dd629a7a4ae2b7c8e77212ff1f8c735dba5eb1251e789b7928ed

    • Size

      329KB

    • MD5

      8f9f1e06458b285e4c54662ce6b965e7

    • SHA1

      790ed8e8263244ac5d8943d2823f8bc63c9d6472

    • SHA256

      49f3b7cd0257dd629a7a4ae2b7c8e77212ff1f8c735dba5eb1251e789b7928ed

    • SHA512

      f21d03eb31737d42533acf496f574fceeecaf356c97fae0bdb57f4644dca6a3293ddadff908aaef21745e6108bbb163f3b73e874d215cdabaae1d05252c55a1c

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOQ:vHW138/iXWlK885rKlGSekcj66ciD

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks