Overview

overview

10

Static

static

3

d44b14b6ae...64.exe

windows7-x64

10

d44b14b6ae...64.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d44b14b6aef930f5250008ae4042201e5a48b93f6222615f95c88b1c84fcd164.exe

  • Size

    336KB

  • Sample

    250122-nzzhcswjgq

  • MD5

    36e12de34b6b64b1f73b9fa0a81c0b8e

  • SHA1

    04468d239653de56d849aa888cda17243b2ccd52

  • SHA256

    d44b14b6aef930f5250008ae4042201e5a48b93f6222615f95c88b1c84fcd164

  • SHA512

    b9c715b6c92cb63c2df631a2120a892a4d9a02792f219febbfb62611b23341ad8422faf861960d797b3baff5d09e474c342b03aedf5e0529378c99937c8b6927

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKoU:vHW138/iXWlK885rKlGSekcj66ciN

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      d44b14b6aef930f5250008ae4042201e5a48b93f6222615f95c88b1c84fcd164.exe

    • Size

      336KB

    • MD5

      36e12de34b6b64b1f73b9fa0a81c0b8e

    • SHA1

      04468d239653de56d849aa888cda17243b2ccd52

    • SHA256

      d44b14b6aef930f5250008ae4042201e5a48b93f6222615f95c88b1c84fcd164

    • SHA512

      b9c715b6c92cb63c2df631a2120a892a4d9a02792f219febbfb62611b23341ad8422faf861960d797b3baff5d09e474c342b03aedf5e0529378c99937c8b6927

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKoU:vHW138/iXWlK885rKlGSekcj66ciN

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks