urelas | bcb9545a7cc5e2706ea2534d70dc6b7c25afeab6781a2aca2b74929e611945ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d501721844d2f5456e38b384c72cc3fb_JC.exe
Size

120KB
Sample

231004-w626tsdh81
MD5

d501721844d2f5456e38b384c72cc3fb
SHA1

2363db1d9fc55a1eefdd18dee38b7c35aa61f66d
SHA256

bcb9545a7cc5e2706ea2534d70dc6b7c25afeab6781a2aca2b74929e611945ee
SHA512

d861ff561821dfa75b3b755e2a85ef4961d194140dee2853c6a48645b82c8fb99d21d1273d5d4a46036b84df72a24f5e252c103219284b89d531bb7e0bb2df58
SSDEEP

1536:DVih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YAiQ45F:DVSRBPCoLY5RIzNdy6YO45F

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  d501721844d2f5456e38b384c72cc3fb_JC.exe
- Size
  
  120KB
- MD5
  
  d501721844d2f5456e38b384c72cc3fb
- SHA1
  
  2363db1d9fc55a1eefdd18dee38b7c35aa61f66d
- SHA256
  
  bcb9545a7cc5e2706ea2534d70dc6b7c25afeab6781a2aca2b74929e611945ee
- SHA512
  
  d861ff561821dfa75b3b755e2a85ef4961d194140dee2853c6a48645b82c8fb99d21d1273d5d4a46036b84df72a24f5e252c103219284b89d531bb7e0bb2df58
- SSDEEP
  
  1536:DVih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YAiQ45F:DVSRBPCoLY5RIzNdy6YO45F
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2