Overview

overview

10

Static

static

3

2151a97644...53.exe

windows7-x64

10

2151a97644...53.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2151a976443effe5246902c82992355931f4705e5ba32f22e154713484a38953.exe

  • Size

    336KB

  • Sample

    250122-tha2bstqb1

  • MD5

    ff1817b08ea77c8c294fbf1049f790dc

  • SHA1

    f21658cb7f42b850e1fc3e93e439748906c79d43

  • SHA256

    2151a976443effe5246902c82992355931f4705e5ba32f22e154713484a38953

  • SHA512

    adad32955a742b788b893237531065dc1ed9b7d74d2e0579f69c6d06910e630d5b161b3728db2d6cdd8d5ec306ca5a713f1d0c1104f5699062b4f5e6529271ef

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcV8:vHW138/iXWlK885rKlGSekcj66cit

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      2151a976443effe5246902c82992355931f4705e5ba32f22e154713484a38953.exe

    • Size

      336KB

    • MD5

      ff1817b08ea77c8c294fbf1049f790dc

    • SHA1

      f21658cb7f42b850e1fc3e93e439748906c79d43

    • SHA256

      2151a976443effe5246902c82992355931f4705e5ba32f22e154713484a38953

    • SHA512

      adad32955a742b788b893237531065dc1ed9b7d74d2e0579f69c6d06910e630d5b161b3728db2d6cdd8d5ec306ca5a713f1d0c1104f5699062b4f5e6529271ef

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcV8:vHW138/iXWlK885rKlGSekcj66cit

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks