Overview

overview

10

Static

static

3

ca8f7a3df2...48.exe

windows7-x64

10

ca8f7a3df2...48.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca8f7a3df2b8247a527e4c560eb897c746e63d0cb413753e5c0759c0a746c248.exe

  • Size

    341KB

  • Sample

    241206-gtz4dazkbn

  • MD5

    09b5ac695ecb26f5923167783af898a9

  • SHA1

    f78da648815348fd48e1ff6c1ceedae215517e1e

  • SHA256

    ca8f7a3df2b8247a527e4c560eb897c746e63d0cb413753e5c0759c0a746c248

  • SHA512

    0d71c6709e2ec28c5f9b04efefb618f63ec551c2693c5f90cee9658495a46471ae83dc0ae7a2dc63ea0ca036d8cd2dc02aa7df9f05d944e0300de9ad592a1f14

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYRcECHUI:vHW138/iXWlK885rKlGSekcj66ciaC0I

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      ca8f7a3df2b8247a527e4c560eb897c746e63d0cb413753e5c0759c0a746c248.exe

    • Size

      341KB

    • MD5

      09b5ac695ecb26f5923167783af898a9

    • SHA1

      f78da648815348fd48e1ff6c1ceedae215517e1e

    • SHA256

      ca8f7a3df2b8247a527e4c560eb897c746e63d0cb413753e5c0759c0a746c248

    • SHA512

      0d71c6709e2ec28c5f9b04efefb618f63ec551c2693c5f90cee9658495a46471ae83dc0ae7a2dc63ea0ca036d8cd2dc02aa7df9f05d944e0300de9ad592a1f14

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYRcECHUI:vHW138/iXWlK885rKlGSekcj66ciaC0I

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks