Overview

overview

10

Static

static

3

1f4ffae1d2...dN.exe

windows7-x64

10

1f4ffae1d2...dN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f4ffae1d208aa2da2fc5364702a0999f92db988820b695c723fd34fb514df7dN.exe

  • Size

    52KB

  • Sample

    241206-clbnlavkhv

  • MD5

    eb71479977873ddd18b7b92c961f5c90

  • SHA1

    3beb9a164c32065d3c41572cfc7b0e0b7c8dccdc

  • SHA256

    1f4ffae1d208aa2da2fc5364702a0999f92db988820b695c723fd34fb514df7d

  • SHA512

    64fd33316114e8d3d1f74b7573b860f752659ae107b01ded4e2722927cd855824b64ba09f5ea284d4007ebc32f2c3afcf4aa7656a77d197b73f8df03989fc84d

  • SSDEEP

    1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrg1:vMhAe5Zs091KI+JYixw49XjrE

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      1f4ffae1d208aa2da2fc5364702a0999f92db988820b695c723fd34fb514df7dN.exe

    • Size

      52KB

    • MD5

      eb71479977873ddd18b7b92c961f5c90

    • SHA1

      3beb9a164c32065d3c41572cfc7b0e0b7c8dccdc

    • SHA256

      1f4ffae1d208aa2da2fc5364702a0999f92db988820b695c723fd34fb514df7d

    • SHA512

      64fd33316114e8d3d1f74b7573b860f752659ae107b01ded4e2722927cd855824b64ba09f5ea284d4007ebc32f2c3afcf4aa7656a77d197b73f8df03989fc84d

    • SSDEEP

      1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrg1:vMhAe5Zs091KI+JYixw49XjrE

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks