General

  • Target

    4d0607085b086c0998c07ee05ec1e6b21681f77b9fb56f4f3b84f56bc6a343f4.exe

  • Size

    60KB

  • Sample

    241122-p36lhswrep

  • MD5

    33c97f302b62404d9c4e22d3797230bb

  • SHA1

    3bd9acec1077b777e3a2712ade0ce22f06da97f1

  • SHA256

    4d0607085b086c0998c07ee05ec1e6b21681f77b9fb56f4f3b84f56bc6a343f4

  • SHA512

    cafc0113e0ddb94ec98746cb91ed4304794ab6f9b940a7c32d6bf32cd14a35415eb3c7da6019ed2736402cb9beca7a0a6a0623e88f9bd78c6d15eeac2158f222

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPB:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdG

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      4d0607085b086c0998c07ee05ec1e6b21681f77b9fb56f4f3b84f56bc6a343f4.exe


    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
