General

  • Target

    83b591f5ea6d9131d736b8fbf255ff5f691d84ad8625778f959295764575067e.exe

  • Size

    51KB

  • Sample

    241116-k73m7ssnfx

  • MD5

    5a8ebbdc35e6a3caecfa66340826e192

  • SHA1

    0969613872152b004fe0bcb876ac384782ce8f4f

  • SHA256

    83b591f5ea6d9131d736b8fbf255ff5f691d84ad8625778f959295764575067e

  • SHA512

    0a5ed23df12d2763119c08fdf7f50882369f33f96fcdab6f66b728a262e307f212f370b8208fc048feaa4e6cbfc905335e6dd9ad8a637acad43709024e78092c

  • SSDEEP

    1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhP4:KsdXfBo/DBJBGzkP5P4

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.28.139

Targets

    • Target

      83b591f5ea6d9131d736b8fbf255ff5f691d84ad8625778f959295764575067e.exe

    • Size

      51KB

    • MD5

      5a8ebbdc35e6a3caecfa66340826e192

    • SHA1

      0969613872152b004fe0bcb876ac384782ce8f4f

    • SHA256

      83b591f5ea6d9131d736b8fbf255ff5f691d84ad8625778f959295764575067e

    • SHA512

      0a5ed23df12d2763119c08fdf7f50882369f33f96fcdab6f66b728a262e307f212f370b8208fc048feaa4e6cbfc905335e6dd9ad8a637acad43709024e78092c

    • SSDEEP

      1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhP4:KsdXfBo/DBJBGzkP5P4

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks