Overview

overview

10

Static

static

3

8900e16788...99.exe

windows7-x64

10

8900e16788...99.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8900e16788ffccb1ca92d7e52964ab6190012e1fe1a999fd527b001c78daa999.exe

  • Size

    334KB

  • Sample

    241205-l76waszley

  • MD5

    eb2d3d257b3049fc2300c2a67cb9033b

  • SHA1

    92ddb111ebc3424ddb8d4a9a62d2b4d429d26bde

  • SHA256

    8900e16788ffccb1ca92d7e52964ab6190012e1fe1a999fd527b001c78daa999

  • SHA512

    2cfdf39cdcfcbdb2bd6a909fe2d0228af9b0028b684053cbe1280df36914a557f22d05383ef4839b9845cb6940cffacae2aee830c9e393a006aadaaf2faecffe

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYI2:vHW138/iXWlK885rKlGSekcj66ci0

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      8900e16788ffccb1ca92d7e52964ab6190012e1fe1a999fd527b001c78daa999.exe

    • Size

      334KB

    • MD5

      eb2d3d257b3049fc2300c2a67cb9033b

    • SHA1

      92ddb111ebc3424ddb8d4a9a62d2b4d429d26bde

    • SHA256

      8900e16788ffccb1ca92d7e52964ab6190012e1fe1a999fd527b001c78daa999

    • SHA512

      2cfdf39cdcfcbdb2bd6a909fe2d0228af9b0028b684053cbe1280df36914a557f22d05383ef4839b9845cb6940cffacae2aee830c9e393a006aadaaf2faecffe

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYI2:vHW138/iXWlK885rKlGSekcj66ci0

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks