General
-
Target
e49f2e9313e5d29d6b76640a50272a9ac7da9d573db26849954ad91fee0324a9
-
Size
334KB
-
Sample
241118-g4ns4azpfy
-
MD5
3234cf4c81bfcee023e8b2f5a4912775
-
SHA1
3fb4ee1ba10cd6670b2c301c376d59ee634a8259
-
SHA256
e49f2e9313e5d29d6b76640a50272a9ac7da9d573db26849954ad91fee0324a9
-
SHA512
e8a8651bf6f2a34d9b3cf1471cf417704e40cda4d61a14e21eeb441f0a0ebe5a8553c96e1265e76ffc87b8365f210f1d91a1c96dbe020a6aff06cb9271cb581e
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYl:vHW138/iXWlK885rKlGSekcj66ci8
Malware Config
Extracted
urelas
218.54.31.226
218.54.31.165
218.54.31.166
Targets
-
-
Target
e49f2e9313e5d29d6b76640a50272a9ac7da9d573db26849954ad91fee0324a9
-
Size
334KB
-
MD5
3234cf4c81bfcee023e8b2f5a4912775
-
SHA1
3fb4ee1ba10cd6670b2c301c376d59ee634a8259
-
SHA256
e49f2e9313e5d29d6b76640a50272a9ac7da9d573db26849954ad91fee0324a9
-
SHA512
e8a8651bf6f2a34d9b3cf1471cf417704e40cda4d61a14e21eeb441f0a0ebe5a8553c96e1265e76ffc87b8365f210f1d91a1c96dbe020a6aff06cb9271cb581e
-
SSDEEP
6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYl:vHW138/iXWlK885rKlGSekcj66ci8
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-