General
-
Target
7fcddc301a4f24b1a1ca0024899e60efad7d76e4c4543988e22047baeb772996N.exe
-
Size
81KB
-
Sample
241217-xf1ezswjap
-
MD5
dfa25f0acaa7973961aa79611dd97bf0
-
SHA1
58210f982b4038ff4fd3090a9f283db0b7f47ef0
-
SHA256
7fcddc301a4f24b1a1ca0024899e60efad7d76e4c4543988e22047baeb772996
-
SHA512
e2217d93601aab16d54c0b4ff1798b60df14c950cb123b15bcf1bb198cca92430ffb0fbe15aad65f493cfa7c191996c73a5e9e3878f9c984859d6cbb83832c33
-
SSDEEP
1536:zxKyhnAUfUiZR9G84qk+Be/HZ17hmZpDsxu1d:zLCEZTGx518ox6d
Malware Config
Extracted
urelas
218.54.28.139
121.88.5.183
Targets
-
-
Target
7fcddc301a4f24b1a1ca0024899e60efad7d76e4c4543988e22047baeb772996N.exe
-
Size
81KB
-
MD5
dfa25f0acaa7973961aa79611dd97bf0
-
SHA1
58210f982b4038ff4fd3090a9f283db0b7f47ef0
-
SHA256
7fcddc301a4f24b1a1ca0024899e60efad7d76e4c4543988e22047baeb772996
-
SHA512
e2217d93601aab16d54c0b4ff1798b60df14c950cb123b15bcf1bb198cca92430ffb0fbe15aad65f493cfa7c191996c73a5e9e3878f9c984859d6cbb83832c33
-
SSDEEP
1536:zxKyhnAUfUiZR9G84qk+Be/HZ17hmZpDsxu1d:zLCEZTGx518ox6d
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-