urelas | 0615d92448e90269ba9922fbab91f4615ea77ad54c84a30cae70b353dcec5e89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.42a022291da03064628499bac0c7a10e_JC.exe
Size

354KB
Sample

231009-sy293sfh93
MD5

42a022291da03064628499bac0c7a10e
SHA1

a281c3c210808a47f944306acc7390ba7bbf5c7d
SHA256

0615d92448e90269ba9922fbab91f4615ea77ad54c84a30cae70b353dcec5e89
SHA512

d8c0565551a4d60b9095fc0f3f78ca2c5b8cc896d2c0f63b98c407c8f65686bb96833266567a324c3dabd0ebb5000f85506f9bf5e1af378c147c92a86e8f6953
SSDEEP

6144:AmSxoGPeQ+tIOrOgFtFlBooGV8JI9PTdCfhS7rk2IEuFXV3WATRZ8HqRA:lSxJ2OcDi2i9PjftuFXVGAMq6

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  NEAS.42a022291da03064628499bac0c7a10e_JC.exe
- Size
  
  354KB
- MD5
  
  42a022291da03064628499bac0c7a10e
- SHA1
  
  a281c3c210808a47f944306acc7390ba7bbf5c7d
- SHA256
  
  0615d92448e90269ba9922fbab91f4615ea77ad54c84a30cae70b353dcec5e89
- SHA512
  
  d8c0565551a4d60b9095fc0f3f78ca2c5b8cc896d2c0f63b98c407c8f65686bb96833266567a324c3dabd0ebb5000f85506f9bf5e1af378c147c92a86e8f6953
- SSDEEP
  
  6144:AmSxoGPeQ+tIOrOgFtFlBooGV8JI9PTdCfhS7rk2IEuFXV3WATRZ8HqRA:lSxJ2OcDi2i9PjftuFXVGAMq6
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2