Overview

overview

10

Static

static

3

a75ad7afda...29.exe

windows7-x64

10

a75ad7afda...29.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a75ad7afda019d2648d07451bdc13beffe0afe240b2def24e3312e6c9eb51429

  • Size

    332KB

  • Sample

    241112-car67ssbnr

  • MD5

    926d44f877c6b8877309b7dc186c5650

  • SHA1

    d21eb91f9d20bb0d3a3ccd5edd4dd48d900a54df

  • SHA256

    a75ad7afda019d2648d07451bdc13beffe0afe240b2def24e3312e6c9eb51429

  • SHA512

    486b60f8b1ee93f7b52f8f911e4284b7c384a23a68e4736d5fd6b9dd97c1be5cae23f24fce95f11c98e954bfb029ef55d84bab57dcc9fbbeda6a61e4b6548fc2

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVO:vHW138/iXWlK885rKlGSekcj66ciEO

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      a75ad7afda019d2648d07451bdc13beffe0afe240b2def24e3312e6c9eb51429

    • Size

      332KB

    • MD5

      926d44f877c6b8877309b7dc186c5650

    • SHA1

      d21eb91f9d20bb0d3a3ccd5edd4dd48d900a54df

    • SHA256

      a75ad7afda019d2648d07451bdc13beffe0afe240b2def24e3312e6c9eb51429

    • SHA512

      486b60f8b1ee93f7b52f8f911e4284b7c384a23a68e4736d5fd6b9dd97c1be5cae23f24fce95f11c98e954bfb029ef55d84bab57dcc9fbbeda6a61e4b6548fc2

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVO:vHW138/iXWlK885rKlGSekcj66ciEO

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks