Overview

overview

10

Static

static

3

9b78d19afe...42.exe

windows7-x64

10

9b78d19afe...42.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b78d19afe8ef274b9debee712a7fbf1f8ca2d0a4f9c1d2005f0542d792fb942.exe

  • Size

    330KB

  • Sample

    241122-h6cpaawnet

  • MD5

    4b9902bf074634779cdbe5af3775a6c6

  • SHA1

    d52eb67aa4a794b1db570a367cf0992a8e8e1d76

  • SHA256

    9b78d19afe8ef274b9debee712a7fbf1f8ca2d0a4f9c1d2005f0542d792fb942

  • SHA512

    f6777d9b59c5194a91de39ab382718b70f0399bc0bbf0d708629986e0e2710d667073ac6619c67f6afdd7f9daa0ecf5f998634a26e3c8124aec653d8f8aee221

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOF+:vHW138/iXWlK885rKlGSekcj66ciq+

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      9b78d19afe8ef274b9debee712a7fbf1f8ca2d0a4f9c1d2005f0542d792fb942.exe

    • Size

      330KB

    • MD5

      4b9902bf074634779cdbe5af3775a6c6

    • SHA1

      d52eb67aa4a794b1db570a367cf0992a8e8e1d76

    • SHA256

      9b78d19afe8ef274b9debee712a7fbf1f8ca2d0a4f9c1d2005f0542d792fb942

    • SHA512

      f6777d9b59c5194a91de39ab382718b70f0399bc0bbf0d708629986e0e2710d667073ac6619c67f6afdd7f9daa0ecf5f998634a26e3c8124aec653d8f8aee221

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOF+:vHW138/iXWlK885rKlGSekcj66ciq+

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks