Overview

overview

10

Static

static

3

ad1b8bb7a2...1N.exe

windows7-x64

10

ad1b8bb7a2...1N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad1b8bb7a2b331d51e92c4f76048e62e6cdef9aa1f3486652f1565e7aa36a9f1N.exe

  • Size

    336KB

  • Sample

    250122-qz6b1synds

  • MD5

    36d0dc1c7948e2aa55e3bda8294bd3c0

  • SHA1

    9cf4e9855e98155b29ac017e374058c4c34c36b3

  • SHA256

    ad1b8bb7a2b331d51e92c4f76048e62e6cdef9aa1f3486652f1565e7aa36a9f1

  • SHA512

    852412a2cd920486b664569765f39d71119785ceb8580888405e8858f0c6a8c8906b7f903a10607ad17d50674aa9d04af6819b3f976f7cb48887c9a71370f899

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKo1:vHW138/iXWlK885rKlGSekcj66ciI

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      ad1b8bb7a2b331d51e92c4f76048e62e6cdef9aa1f3486652f1565e7aa36a9f1N.exe

    • Size

      336KB

    • MD5

      36d0dc1c7948e2aa55e3bda8294bd3c0

    • SHA1

      9cf4e9855e98155b29ac017e374058c4c34c36b3

    • SHA256

      ad1b8bb7a2b331d51e92c4f76048e62e6cdef9aa1f3486652f1565e7aa36a9f1

    • SHA512

      852412a2cd920486b664569765f39d71119785ceb8580888405e8858f0c6a8c8906b7f903a10607ad17d50674aa9d04af6819b3f976f7cb48887c9a71370f899

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKo1:vHW138/iXWlK885rKlGSekcj66ciI

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks