Overview

overview

10

Static

static

3

26d1ce9c96...9N.exe

windows7-x64

10

26d1ce9c96...9N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26d1ce9c96719731a3afc255abf7849d75bb381bc4064e6b71db0d4b28ece0b9N.exe

  • Size

    338KB

  • Sample

    250127-cjq1havpd1

  • MD5

    3496996eb0e0e23e58f45abf9150f2c0

  • SHA1

    d68d5ab36ea32ea14d0bd4bf96ef1760e10db9ec

  • SHA256

    26d1ce9c96719731a3afc255abf7849d75bb381bc4064e6b71db0d4b28ece0b9

  • SHA512

    1fa01db9a83193d5087eb193d4e5f3af284d8df876b67fca8e0a895889ace2b07125777b81134bdfd65caa483cec4a0a2277ab8b7a88bd865cc2bc27da975bd9

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKog2:vHW138/iXWlK885rKlGSekcj66ciK

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      26d1ce9c96719731a3afc255abf7849d75bb381bc4064e6b71db0d4b28ece0b9N.exe

    • Size

      338KB

    • MD5

      3496996eb0e0e23e58f45abf9150f2c0

    • SHA1

      d68d5ab36ea32ea14d0bd4bf96ef1760e10db9ec

    • SHA256

      26d1ce9c96719731a3afc255abf7849d75bb381bc4064e6b71db0d4b28ece0b9

    • SHA512

      1fa01db9a83193d5087eb193d4e5f3af284d8df876b67fca8e0a895889ace2b07125777b81134bdfd65caa483cec4a0a2277ab8b7a88bd865cc2bc27da975bd9

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYIcKog2:vHW138/iXWlK885rKlGSekcj66ciK

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks