urelas | 553c81d2b260518033d823851b7666fc83bff5cabb65f4a2cc02f5d3057426fb | Triage

Sharing

General

Target

a966eb479f68989aa588f414af218189_JC.exe
Size

478KB
Sample

230930-pene2abe9x
MD5

a966eb479f68989aa588f414af218189
SHA1

4281f1152ef582ca5f0875955c9551fbb1b1a3fd
SHA256

553c81d2b260518033d823851b7666fc83bff5cabb65f4a2cc02f5d3057426fb
SHA512

9bbdf8e41493a62072f2212a2acb923308a2ecc314ad0a9d2ae4ad3762d7cda9a391e6394aa1e1ae9310dace3b3363c2f2c0803a209b8fa9c369612ba599e255
SSDEEP

12288:k2PxDgZo3ijniea8Xih9abyNK95ZA9u3y2XWb7:k2SLi7oih9abvceo

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  a966eb479f68989aa588f414af218189_JC.exe
- Size
  
  478KB
- MD5
  
  a966eb479f68989aa588f414af218189
- SHA1
  
  4281f1152ef582ca5f0875955c9551fbb1b1a3fd
- SHA256
  
  553c81d2b260518033d823851b7666fc83bff5cabb65f4a2cc02f5d3057426fb
- SHA512
  
  9bbdf8e41493a62072f2212a2acb923308a2ecc314ad0a9d2ae4ad3762d7cda9a391e6394aa1e1ae9310dace3b3363c2f2c0803a209b8fa9c369612ba599e255
- SSDEEP
  
  12288:k2PxDgZo3ijniea8Xih9abyNK95ZA9u3y2XWb7:k2SLi7oih9abvceo
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2