Overview

overview

10

Static

static

3

13178d908d...58.exe

windows7-x64

10

13178d908d...58.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13178d908d932b95e3415ca544a54f950d90b98859714d75f23b3c83e1216b58.exe

  • Size

    60KB

  • Sample

    241124-cnczfaynbt

  • MD5

    8cb74123377be1c526114d6ff7f70574

  • SHA1

    36c94c8c84e469d201eb4f8430ae3db0f8324ca5

  • SHA256

    13178d908d932b95e3415ca544a54f950d90b98859714d75f23b3c83e1216b58

  • SHA512

    02204f42d0ff0f24c810960bdb5a3eb8cca834aa7d3a20c2ddd033bf8721fac2a4544ec3e07f9d3334d85284abf4a4e7dc81cf33b1c5f4cf84ea79c48c3d2a72

  • SSDEEP

    768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPy:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd5

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      13178d908d932b95e3415ca544a54f950d90b98859714d75f23b3c83e1216b58.exe

    • Size

      60KB

    • MD5

      8cb74123377be1c526114d6ff7f70574

    • SHA1

      36c94c8c84e469d201eb4f8430ae3db0f8324ca5

    • SHA256

      13178d908d932b95e3415ca544a54f950d90b98859714d75f23b3c83e1216b58

    • SHA512

      02204f42d0ff0f24c810960bdb5a3eb8cca834aa7d3a20c2ddd033bf8721fac2a4544ec3e07f9d3334d85284abf4a4e7dc81cf33b1c5f4cf84ea79c48c3d2a72

    • SSDEEP

      768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPy:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd5

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks