General

  • Target

    cee49aba6d9b8da17f18fc86ce25b5b93b1fe5578ea8565d62ff193b1272e1c2N

  • Size

    74KB

  • Sample

    241111-cceznazgne

  • MD5

    662890335085b599a4143715c3c2a590

  • SHA1

    d510074fcecdbc285c8da0c4d952ab4235f11703

  • SHA256

    cee49aba6d9b8da17f18fc86ce25b5b93b1fe5578ea8565d62ff193b1272e1c2

  • SHA512

    d364d9d03e1faf5782751f543d80000e69b35267784208c7a2439e0626f1595b05afc4bbba373a28871b589ff6d56bb435fa6eff3a3dcb1efd8286c54451cd44

  • SSDEEP

    1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHIh:Tk8yn7KdmTINQXzz4Q

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
