General

  • Target

    97d3d9f04d53a2703a44610545e09ad2f75d8d432ee7513667711988360c3b52N.exe

  • Size

    332KB

  • Sample

    241118-s5rf6avkdp

  • MD5

    efb9d248a446a3a7434267d9b4d123c0

  • SHA1

    3fe98e4298e590b5cc2ee56260b39c34a6790832

  • SHA256

    97d3d9f04d53a2703a44610545e09ad2f75d8d432ee7513667711988360c3b52

  • SHA512

    c88b18d6833b3dd913e67028926cb297866c2b1af65dc9c2e264860365004b525eda2b005d8bf9d3f7a330a4e259a7a44301ad82bf3c58d0ed4f3e0574fc36ee

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYK:vHW138/iXWlK885rKlGSekcj66cij

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      97d3d9f04d53a2703a44610545e09ad2f75d8d432ee7513667711988360c3b52N.exe

    • Size

      332KB

    • MD5

      efb9d248a446a3a7434267d9b4d123c0

    • SHA1

      3fe98e4298e590b5cc2ee56260b39c34a6790832

    • SHA256

      97d3d9f04d53a2703a44610545e09ad2f75d8d432ee7513667711988360c3b52

    • SHA512

      c88b18d6833b3dd913e67028926cb297866c2b1af65dc9c2e264860365004b525eda2b005d8bf9d3f7a330a4e259a7a44301ad82bf3c58d0ed4f3e0574fc36ee

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYK:vHW138/iXWlK885rKlGSekcj66cij

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks