General

  • Target

    3f579ffc4e6b75f48e91b86b8c01c87cc3bde8acf4d9fe6ef1f56078e413af36.exe

  • Size

    60KB

  • Sample

    241121-jmjh6avjcm

  • MD5

    591b0d29ecaf8c4fb813ac94e83cc955

  • SHA1

    56abd39062b85ba9de583343bdc9e3e1a4197d5c

  • SHA256

    3f579ffc4e6b75f48e91b86b8c01c87cc3bde8acf4d9fe6ef1f56078e413af36

  • SHA512

    69a8f865a176ecb46f845e52adb94c229a38f7ed049ddb7e9dd94f8a432e8b263c9c3ce79a0dbabcaef618bfab9ca72af9af5838a4174410efa2a725855ac099

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPp:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdat

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      3f579ffc4e6b75f48e91b86b8c01c87cc3bde8acf4d9fe6ef1f56078e413af36.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
