Overview

overview

10

Static

static

3

bca240552a...04.exe

windows7-x64

10

bca240552a...04.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bca240552a66cb7cc3f33b2b866746372ce9d41ad3cc69fc963d39ed0a308904.exe

  • Size

    337KB

  • Sample

    250122-vg9c6swldx

  • MD5

    5ce7a119af90e0558ac742b7ff225c75

  • SHA1

    25c01e283782c843a1600e626960d968aead0a70

  • SHA256

    bca240552a66cb7cc3f33b2b866746372ce9d41ad3cc69fc963d39ed0a308904

  • SHA512

    5da612dbe40bbb694ea1831a885dc7ad5a21f2f0ffa60b5bf0b026ed9db66eb8f0dac22a0c5c0a9a0ee0e39759bccdd66b8d925282f94c259564f4c29c5d1874

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcV7:vHW138/iXWlK885rKlGSekcj66ciw

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      bca240552a66cb7cc3f33b2b866746372ce9d41ad3cc69fc963d39ed0a308904.exe

    • Size

      337KB

    • MD5

      5ce7a119af90e0558ac742b7ff225c75

    • SHA1

      25c01e283782c843a1600e626960d968aead0a70

    • SHA256

      bca240552a66cb7cc3f33b2b866746372ce9d41ad3cc69fc963d39ed0a308904

    • SHA512

      5da612dbe40bbb694ea1831a885dc7ad5a21f2f0ffa60b5bf0b026ed9db66eb8f0dac22a0c5c0a9a0ee0e39759bccdd66b8d925282f94c259564f4c29c5d1874

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcV7:vHW138/iXWlK885rKlGSekcj66ciw

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks