General
-
Target
8296029a63d5a0604a24ef16362475f5b67da642c7fd273d57336cbf7cfbfc4e.exe
-
Size
438KB
-
Sample
250122-1mhqasyjfl
-
MD5
1e16dfa3fe9fc1be28d188c1af4f9051
-
SHA1
16e6279fcdfa6ffc4f064944223944fc6461a099
-
SHA256
8296029a63d5a0604a24ef16362475f5b67da642c7fd273d57336cbf7cfbfc4e
-
SHA512
6662d4e5c6fa37c771a69c051ef764ab8eff924ef38e816fcb2af56e38baf52e73054ce0d39ed6b7f5dc309e044a702860993bae17efb9f345678602a1bff49e
-
SSDEEP
6144:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjEwwiYWB5mV4Pzw9ygibGGMMq:rKf1PyKa2H3hOHOHz9JQ6zB8
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.165
218.54.31.226
Targets
-
-
Target
8296029a63d5a0604a24ef16362475f5b67da642c7fd273d57336cbf7cfbfc4e.exe
-
Size
438KB
-
MD5
1e16dfa3fe9fc1be28d188c1af4f9051
-
SHA1
16e6279fcdfa6ffc4f064944223944fc6461a099
-
SHA256
8296029a63d5a0604a24ef16362475f5b67da642c7fd273d57336cbf7cfbfc4e
-
SHA512
6662d4e5c6fa37c771a69c051ef764ab8eff924ef38e816fcb2af56e38baf52e73054ce0d39ed6b7f5dc309e044a702860993bae17efb9f345678602a1bff49e
-
SSDEEP
6144:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjEwwiYWB5mV4Pzw9ygibGGMMq:rKf1PyKa2H3hOHOHz9JQ6zB8
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Urelas family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-