General

  • Target

    6886c5c9314435957bd5897ddf12ba7a06abf806f5c2415ad877baf0ea496cb6.exe

  • Size

    76KB

  • Sample

    250117-ssp3katqcl

  • MD5

    dee4d23d40eadb424626d25d334e88ca

  • SHA1

    a7ed347280a7b05ec75165e84aa303cd63d0cc13

  • SHA256

    6886c5c9314435957bd5897ddf12ba7a06abf806f5c2415ad877baf0ea496cb6

  • SHA512

    47b71dc7344df317f0c3e817eded0e71dc591eefdb6bd53d87884f5f273e7977cb3d800e06d16ab22eadd082b91b059a23e60d36907c6609f3b0230adb15be79

  • SSDEEP

    1536:9HxkDvWdB7O9dKymMyCMGni2Lz1LaRQLDEC:9RkjWjK9ABpGzlaRQL5

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
