urelas | bd54ba629105c4b1c92b30896bf197571e0b2010a1f8fb6a90b505227460ddc9 | Triage

Sharing

General

Target

5744f66a2ddb7516a0b84ac9b24358e6_JC.exe
Size

263KB
Sample

231005-wzxb1afh83
MD5

5744f66a2ddb7516a0b84ac9b24358e6
SHA1

2b8ba7a094d6fa1ee10c3ae0bd9306060de01f93
SHA256

bd54ba629105c4b1c92b30896bf197571e0b2010a1f8fb6a90b505227460ddc9
SHA512

aedb9896c97de3a7560f502c3ba196069f58b9a7aebb7dc931e0c8a8913085f429cce57f2ade6636c11386c0194b8163e6744eab1b4b6fdd1fa852bbb93206af
SSDEEP

6144:B5ibQcmlVD+BgotLvTtehd1wLIE92FJ1wZyZUBiTc:BUq+BgotLvTtehd1wd92FJ1Hc

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

- Target
  
  5744f66a2ddb7516a0b84ac9b24358e6_JC.exe
- Size
  
  263KB
- MD5
  
  5744f66a2ddb7516a0b84ac9b24358e6
- SHA1
  
  2b8ba7a094d6fa1ee10c3ae0bd9306060de01f93
- SHA256
  
  bd54ba629105c4b1c92b30896bf197571e0b2010a1f8fb6a90b505227460ddc9
- SHA512
  
  aedb9896c97de3a7560f502c3ba196069f58b9a7aebb7dc931e0c8a8913085f429cce57f2ade6636c11386c0194b8163e6744eab1b4b6fdd1fa852bbb93206af
- SSDEEP
  
  6144:B5ibQcmlVD+BgotLvTtehd1wLIE92FJ1wZyZUBiTc:BUq+BgotLvTtehd1wd92FJ1Hc
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2