urelas | ad2b6b7ad359e82798328079cb289d37c57a208bab79c26ed860668429cd21a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b251f7c96f0dd027474fec67deb808a_JC.exe
Size

175KB
Sample

231003-vkblbadh7t
MD5

1b251f7c96f0dd027474fec67deb808a
SHA1

a7cb75f199e6b5f406305eaae9781127dd25c29e
SHA256

ad2b6b7ad359e82798328079cb289d37c57a208bab79c26ed860668429cd21a1
SHA512

a75bf2bd5d5d451b9dff7583a1d77ee36495065f4c72eaa3fa45f8c1b5f6704bbf1a1e6f05c6592eb8abc2b10a23beee43d43d98913f7e5cb6704a4ab507f68f
SSDEEP

1536:fIN9E8RW2ZgACLU2/NpWb3owdFLVa7h5s3ePOHd265dCKspXmrj4mdUtb9Sc:fIc8RWrNcvXLM7u265wppXCQL

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  1b251f7c96f0dd027474fec67deb808a_JC.exe
- Size
  
  175KB
- MD5
  
  1b251f7c96f0dd027474fec67deb808a
- SHA1
  
  a7cb75f199e6b5f406305eaae9781127dd25c29e
- SHA256
  
  ad2b6b7ad359e82798328079cb289d37c57a208bab79c26ed860668429cd21a1
- SHA512
  
  a75bf2bd5d5d451b9dff7583a1d77ee36495065f4c72eaa3fa45f8c1b5f6704bbf1a1e6f05c6592eb8abc2b10a23beee43d43d98913f7e5cb6704a4ab507f68f
- SSDEEP
  
  1536:fIN9E8RW2ZgACLU2/NpWb3owdFLVa7h5s3ePOHd265dCKspXmrj4mdUtb9Sc:fIc8RWrNcvXLM7u265wppXCQL
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2