Overview

overview

10

Static

static

10

97eaddf786...4a.exe

windows7-x64

10

97eaddf786...4a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    97eaddf7869249e90318088be565316d75f62ed11bb0785e9f9eb40e36ab7e4a.exe

  • Size

    462KB

  • Sample

    241123-feaphavmfk

  • MD5

    4f4f2f0d0ede717fa4c814da6aafc544

  • SHA1

    54d6704a8a3d19d58e7a8353b0ece3111f5642f1

  • SHA256

    97eaddf7869249e90318088be565316d75f62ed11bb0785e9f9eb40e36ab7e4a

  • SHA512

    9de1197056ad0a78e8441c2d091f14230597b8858f3e95c4a73c80538b891f504fb8b1831e3ad614011ca1d60f81a8498381378f9d57348f887230d8c8225d27

  • SSDEEP

    6144:P8Eoe/IebBVMweZGhHdJBV70FVKLbfW2x8VyMsmD6gzOmjpi+pMJQ8uUm9unpmU:vDdUGhHdJ370FVKmP0Ml+gzzjp+lsuf

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.30.235

121.88.5.181

112.223.217.101

Targets

    • Target

      97eaddf7869249e90318088be565316d75f62ed11bb0785e9f9eb40e36ab7e4a.exe

    • Size

      462KB

    • MD5

      4f4f2f0d0ede717fa4c814da6aafc544

    • SHA1

      54d6704a8a3d19d58e7a8353b0ece3111f5642f1

    • SHA256

      97eaddf7869249e90318088be565316d75f62ed11bb0785e9f9eb40e36ab7e4a

    • SHA512

      9de1197056ad0a78e8441c2d091f14230597b8858f3e95c4a73c80538b891f504fb8b1831e3ad614011ca1d60f81a8498381378f9d57348f887230d8c8225d27

    • SSDEEP

      6144:P8Eoe/IebBVMweZGhHdJBV70FVKLbfW2x8VyMsmD6gzOmjpi+pMJQ8uUm9unpmU:vDdUGhHdJ370FVKmP0Ml+gzzjp+lsuf

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks