Overview

overview

10

Static

static

3

c9b6715c0f...18.exe

windows7-x64

10

c9b6715c0f...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9b6715c0fa19deca7ea7a8797afa824_JaffaCakes118

  • Size

    100KB

  • Sample

    241205-2lm43asjgk

  • MD5

    c9b6715c0fa19deca7ea7a8797afa824

  • SHA1

    5322334a1dc8efd5a5413067f62cae37ca4b3f99

  • SHA256

    de858ef7a28f1fb4a2fdd6ca3c9f6e46b47a7003affc217d7ef25eb113ecfbfc

  • SHA512

    2e7d5e03a6b629335a2e1d3990f3d68944881163d55c22729d9b70d0e7727f7a6088690ca5e90d484fb8f4714f8e502d1d970550730b3b7742c5332255658d33

  • SSDEEP

    1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9cRzda:nqV9MziU4piRun7C3CP3Mgda

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.209

112.175.88.207

Targets

    • Target

      c9b6715c0fa19deca7ea7a8797afa824_JaffaCakes118

    • Size

      100KB

    • MD5

      c9b6715c0fa19deca7ea7a8797afa824

    • SHA1

      5322334a1dc8efd5a5413067f62cae37ca4b3f99

    • SHA256

      de858ef7a28f1fb4a2fdd6ca3c9f6e46b47a7003affc217d7ef25eb113ecfbfc

    • SHA512

      2e7d5e03a6b629335a2e1d3990f3d68944881163d55c22729d9b70d0e7727f7a6088690ca5e90d484fb8f4714f8e502d1d970550730b3b7742c5332255658d33

    • SSDEEP

      1536:nwhq8V9IpPf2lgiIJ4pivJnuNVueC39GdBR3M9cRzda:nqV9MziU4piRun7C3CP3Mgda

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks