Overview

overview

10

Static

static

5

fa8c3312de...12.exe

windows7-x64

10

fa8c3312de...12.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa8c3312deda4254508221f546dff238cac57d5675bfa21b6a401d1b9f7afd12

  • Size

    59KB

  • Sample

    241114-e6exvsvckb

  • MD5

    b269daf79e997646d7f0b54f4026767e

  • SHA1

    48be882dafee69d5c395ede80d7b0a1bfda4c0d1

  • SHA256

    fa8c3312deda4254508221f546dff238cac57d5675bfa21b6a401d1b9f7afd12

  • SHA512

    df5943abad67ea3d8802558a8d45a15b1cfc7271a48b0f0b83c2b9d7c29d5dbe1a77d651268a0c8bd1e86f6f9ee2caf2d594fd8744e518c94950d72513a71602

  • SSDEEP

    1536:6W82C0Db1edMckBI1kmJAhTPY6pnouy8M:6n25DbaMySmJAhbvoutM

Score
10/10
urelasdiscoverytrojanupx

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      fa8c3312deda4254508221f546dff238cac57d5675bfa21b6a401d1b9f7afd12

    • Size

      59KB

    • MD5

      b269daf79e997646d7f0b54f4026767e

    • SHA1

      48be882dafee69d5c395ede80d7b0a1bfda4c0d1

    • SHA256

      fa8c3312deda4254508221f546dff238cac57d5675bfa21b6a401d1b9f7afd12

    • SHA512

      df5943abad67ea3d8802558a8d45a15b1cfc7271a48b0f0b83c2b9d7c29d5dbe1a77d651268a0c8bd1e86f6f9ee2caf2d594fd8744e518c94950d72513a71602

    • SSDEEP

      1536:6W82C0Db1edMckBI1kmJAhTPY6pnouy8M:6n25DbaMySmJAhbvoutM

    Score
    10/10
    urelasdiscoverytrojanupx

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks