urelas | 48c977d3a1e9bbc7b29b162574cc573213bd8cb4c4e06c52fc46ea48fff89a5b | Triage

Sharing

General

Target

618ac6d1589cb78955bfa5ad969f59a1_JC.exe
Size

467KB
Sample

230917-n3t22scf86
MD5

618ac6d1589cb78955bfa5ad969f59a1
SHA1

2181bf81988d24c067c9b95f715d505b02bed07c
SHA256

48c977d3a1e9bbc7b29b162574cc573213bd8cb4c4e06c52fc46ea48fff89a5b
SHA512

a885ab042c93b00e3798364e6f61ef800994ce917e52efe12996abae9077308174ec33de1e6e66ecea514c4a4f58f92f24b26d302af84bb374e2c70df5345bd0
SSDEEP

12288:93CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6mP:9x9GzHlTv/b35tecFB6C

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

121.88.5.184

Targets

- Target
  
  618ac6d1589cb78955bfa5ad969f59a1_JC.exe
- Size
  
  467KB
- MD5
  
  618ac6d1589cb78955bfa5ad969f59a1
- SHA1
  
  2181bf81988d24c067c9b95f715d505b02bed07c
- SHA256
  
  48c977d3a1e9bbc7b29b162574cc573213bd8cb4c4e06c52fc46ea48fff89a5b
- SHA512
  
  a885ab042c93b00e3798364e6f61ef800994ce917e52efe12996abae9077308174ec33de1e6e66ecea514c4a4f58f92f24b26d302af84bb374e2c70df5345bd0
- SSDEEP
  
  12288:93CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6mP:9x9GzHlTv/b35tecFB6C
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2