urelas | 2c695742e32b4e45aa28c317336953fcff6d55d3ad095dbd51df68e0ce84af96 | Triage

Submit
Reports

Overview

overview

Static

static

058036f22c...JC.exe

windows7-x64

058036f22c...JC.exe

windows10-2004-x64

Sharing

General

Target

058036f22cf856674f4167a53296a7bf_JC.exe
Size

439KB
Sample

231011-kj15gadg55
MD5

058036f22cf856674f4167a53296a7bf
SHA1

bb99e0c12b6fedf7e128cb4222c603278a31520c
SHA256

2c695742e32b4e45aa28c317336953fcff6d55d3ad095dbd51df68e0ce84af96
SHA512

1da0553339bd2b385c4b183fddef7fec3aafac908f7a5afb290e039b091a34908c7dc3639b40aaee74166cd56abc4db886eb6d4cb1e65e7334f9720c627f34b3
SSDEEP

6144:g9XG4oXs663ypJL9fWPEmGy3AiWd3tWlRjiJEZ8yJt0TfC29qcV:gMPs663ypJ5WPyy3pWd3tWDea5t0TfHP

Score

10^/10

urelas trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

058036f22cf856674f4167a53296a7bf_JC.exe

Resource

win7-20230831-en

urelas trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

058036f22cf856674f4167a53296a7bf_JC.exe

Resource

win10v2004-20230915-en

urelas trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  058036f22cf856674f4167a53296a7bf_JC.exe
- Size
  
  439KB
- MD5
  
  058036f22cf856674f4167a53296a7bf
- SHA1
  
  bb99e0c12b6fedf7e128cb4222c603278a31520c
- SHA256
  
  2c695742e32b4e45aa28c317336953fcff6d55d3ad095dbd51df68e0ce84af96
- SHA512
  
  1da0553339bd2b385c4b183fddef7fec3aafac908f7a5afb290e039b091a34908c7dc3639b40aaee74166cd56abc4db886eb6d4cb1e65e7334f9720c627f34b3
- SSDEEP
  
  6144:g9XG4oXs663ypJL9fWPEmGy3AiWd3tWlRjiJEZ8yJt0TfC29qcV:gMPs663ypJ5WPyy3pWd3tWDea5t0TfHP
Score

10^/10

urelas trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelastrojanupx

behavioral2

urelastrojanupx

© 2018-2025

Terms | Privacy