General

  • Target

    5d5dec0508d48e421d735f3f50ea787460dc7db1ed77285d1152bb44719712e5N.exe

  • Size

    334KB

  • Sample

    241205-cyssmstnhx

  • MD5

    aae5733bb4ed466d348eb25664f48520

  • SHA1

    94bb4c32f47fd90713f29669a96446d2d09a31db

  • SHA256

    5d5dec0508d48e421d735f3f50ea787460dc7db1ed77285d1152bb44719712e5

  • SHA512

    8c7372c3a0f08727c2a5600ae1f4f8384a6c0348c0e6702992ef722791f5808a046b243e6ea8f7528b93f45aab9b1eca5b5bca6b382ff49d5170f2c3afbacf62

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYMOcF:vHW138/iXWlK885rKlGSekcj66cin

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
