General

  • Target: 55234f7a9fae7d20d400e256b63f62cdec8a3007696c54a5863af7078a90a458.exe
  • Size: 536KB
  • Sample: 241121-f2vcestmdm
  • MD5: e3baf642db69a07e28e3aec2aec78bdd
  • SHA1: 6a4e2ec7dce686c77f1751f7eac33a24be8fb9fe
  • SHA256: 55234f7a9fae7d20d400e256b63f62cdec8a3007696c54a5863af7078a90a458
  • SHA512: f7b64d8536d15703e91b79ea64ec775191ddc7eabfb339ac33891b065a729ee0987f622a808c518ed2fffb9fa65f3df7b11b97e784e65ec7c918023ecdd8f3d2
  • SSDEEP: 12288:cdBNKTCqqwXCcdgTw9+MvA+BisqYpxHte1oS2g:cLjQC+bs0YOg

Malware Config

Extracted

  • Family: urelas
  • C2:
    1.234.83.146
    133.242.129.155
    218.54.31.226
    218.54.31.165

Targets

    • Urelas
      Urelas is a trojan targeting card games.
    • Urelas family
    • Checks computer location settings
      Looks up the country code configured in the registry, likely a geofence.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX or a modified UPX open source packer.

MITRE ATT&CK Enterprise v15