General

  • Target

    9f1dddf78603182cb7486028fdc50f5115382ea331a21b88102b6da352780bfb.exe

  • Size

    331KB

  • Sample

    241122-mztfnsvper

  • MD5

    7eee5a9c09ab106a678b4e266607e694

  • SHA1

    7a4f8588d6089f4b8e25582bc11dfa9e1302df84

  • SHA256

    9f1dddf78603182cb7486028fdc50f5115382ea331a21b88102b6da352780bfb

  • SHA512

    4ecb3d5966d401af3b4969563e8ccf3157c63b56a48b829d70eded05e7f1aee8a13241393363f6f62a73daa868a2e864dce2ca95b85190ba19ca59de1c9e5f9f

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYVRJ:vHW138/iXWlK885rKlGSekcj66ciERJ

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
