urelas | f743a8660a538d912d943a6a27e730e2a35dc11784e0c3072506a008a85a94b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.43c338a137e87ddf45c68015779311fc_JC.exe
Size

141KB
Sample

231011-s4k8ragd8y
MD5

43c338a137e87ddf45c68015779311fc
SHA1

6c87da40f583811e35b466078b9841205f6e12cb
SHA256

f743a8660a538d912d943a6a27e730e2a35dc11784e0c3072506a008a85a94b1
SHA512

dd0fc105215302294beb65402ea3b76b793db3f0790cfcb367cabb609e86f461ca741699f554f9af2efbd30310b05f81d8df5896cd86d8bb27b35e65b8e6f989
SSDEEP

1536:1i+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjK15t5uPpdrcIPWAWvgS:wYYutRQSc/7c6tJK7t5uPpdrxOhvgS

Score

10^/10

urelas trojan

Malware Config

Targets

- Target
  
  NEAS.43c338a137e87ddf45c68015779311fc_JC.exe
- Size
  
  141KB
- MD5
  
  43c338a137e87ddf45c68015779311fc
- SHA1
  
  6c87da40f583811e35b466078b9841205f6e12cb
- SHA256
  
  f743a8660a538d912d943a6a27e730e2a35dc11784e0c3072506a008a85a94b1
- SHA512
  
  dd0fc105215302294beb65402ea3b76b793db3f0790cfcb367cabb609e86f461ca741699f554f9af2efbd30310b05f81d8df5896cd86d8bb27b35e65b8e6f989
- SSDEEP
  
  1536:1i+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjK15t5uPpdrcIPWAWvgS:wYYutRQSc/7c6tJK7t5uPpdrxOhvgS
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2