General
-
Target
9a672c2117afcc829c0f260c927077d4493c5d33dfb66d0937ec1c614cd7f79a.exe
-
Size
80KB
-
Sample
250121-jpzm6atnd1
-
MD5
2f3f5f9e0b83d97cb5446c3ffe31c853
-
SHA1
8483eb848457aa28fcbbf296f488348d37bd5b70
-
SHA256
9a672c2117afcc829c0f260c927077d4493c5d33dfb66d0937ec1c614cd7f79a
-
SHA512
d3fb42b79e8ebb92fbe8f657b12a9ee501d30d108384b852ebb87d95fcf75d1749c5131f625d88fa10e9951a14f891dbea6f18477114bdb1da92146585943e36
-
SSDEEP
1536:ml531xxqA3zM9ttjtt574bbp8Fm43AOEI0QdeFUU8te7q:4lnhYPlVMqmyAFIRReq
Malware Config
Extracted
urelas
112.175.88.208
112.175.88.207
Targets
-
-
Target
9a672c2117afcc829c0f260c927077d4493c5d33dfb66d0937ec1c614cd7f79a.exe
-
Size
80KB
-
MD5
2f3f5f9e0b83d97cb5446c3ffe31c853
-
SHA1
8483eb848457aa28fcbbf296f488348d37bd5b70
-
SHA256
9a672c2117afcc829c0f260c927077d4493c5d33dfb66d0937ec1c614cd7f79a
-
SHA512
d3fb42b79e8ebb92fbe8f657b12a9ee501d30d108384b852ebb87d95fcf75d1749c5131f625d88fa10e9951a14f891dbea6f18477114bdb1da92146585943e36
-
SSDEEP
1536:ml531xxqA3zM9ttjtt574bbp8Fm43AOEI0QdeFUU8te7q:4lnhYPlVMqmyAFIRReq
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-