Overview

overview

10

Static

static

3

b6cbc0f5a1...0f.exe

windows7-x64

10

b6cbc0f5a1...0f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b6cbc0f5a1196a879a480a10b5c37f6b92d98f123b3922ccb11832b4e8ac690f.exe

  • Size

    61KB

  • Sample

    250215-yekhta1nbx

  • MD5

    6c021297c508fde6090e5c77aec676e0

  • SHA1

    e491d10964ed134c614330ead1c09d97eab7342d

  • SHA256

    b6cbc0f5a1196a879a480a10b5c37f6b92d98f123b3922ccb11832b4e8ac690f

  • SHA512

    d3e2ff0eb323264b8859630dbbd43c917fdbe0c0871d0138122859ddef060c7a0cde6285e726c4707fb331066f2f6a96698a4c11b06189fca36e91f28b94c935

  • SSDEEP

    1536:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9lDQ:K0GAqjuVZ6rNO9lM

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      b6cbc0f5a1196a879a480a10b5c37f6b92d98f123b3922ccb11832b4e8ac690f.exe

    • Size

      61KB

    • MD5

      6c021297c508fde6090e5c77aec676e0

    • SHA1

      e491d10964ed134c614330ead1c09d97eab7342d

    • SHA256

      b6cbc0f5a1196a879a480a10b5c37f6b92d98f123b3922ccb11832b4e8ac690f

    • SHA512

      d3e2ff0eb323264b8859630dbbd43c917fdbe0c0871d0138122859ddef060c7a0cde6285e726c4707fb331066f2f6a96698a4c11b06189fca36e91f28b94c935

    • SSDEEP

      1536:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9lDQ:K0GAqjuVZ6rNO9lM

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks