Overview

overview

10

Static

static

3

6aefa01d1e...84.exe

windows7-x64

10

6aefa01d1e...84.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6aefa01d1ee480134c55e848783eb2c6752b36a56c38c17d0a9ba9070fe94f84.exe

  • Size

    335KB

  • Sample

    250125-jjkl2sspfz

  • MD5

    1056543fddaacdaa0e7f667cfb292106

  • SHA1

    8f3e12db65839e4546b7ebe5bd378b5fb264f3b2

  • SHA256

    6aefa01d1ee480134c55e848783eb2c6752b36a56c38c17d0a9ba9070fe94f84

  • SHA512

    2b720cd76f80a376d510f421bd0f2a71d76270aa1a21f8197217a9411140d7d6b855d3828cab2d9914e0cacb12c075f5b527c2b8a68429bdce254b7e44b3fb58

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIck:vHW138/iXWlK885rKlGSekcj66cid

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      6aefa01d1ee480134c55e848783eb2c6752b36a56c38c17d0a9ba9070fe94f84.exe

    • Size

      335KB

    • MD5

      1056543fddaacdaa0e7f667cfb292106

    • SHA1

      8f3e12db65839e4546b7ebe5bd378b5fb264f3b2

    • SHA256

      6aefa01d1ee480134c55e848783eb2c6752b36a56c38c17d0a9ba9070fe94f84

    • SHA512

      2b720cd76f80a376d510f421bd0f2a71d76270aa1a21f8197217a9411140d7d6b855d3828cab2d9914e0cacb12c075f5b527c2b8a68429bdce254b7e44b3fb58

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIck:vHW138/iXWlK885rKlGSekcj66cid

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks