urelas | 9a4c4098645829ae3b5f7830fedd58798ebbf96f0173c90031de1a0d943340d4 | Triage

Sharing

General

Target

NEAS.1baaf4bfd7943e427e3d0e472f4119d0_JC.exe
Size

76KB
Sample

231011-wdvlaacg4w
MD5

1baaf4bfd7943e427e3d0e472f4119d0
SHA1

8f174f4f282f43af4758454fd46e0427be90c6fa
SHA256

9a4c4098645829ae3b5f7830fedd58798ebbf96f0173c90031de1a0d943340d4
SHA512

45c6d9efb75c2dbde50298660135a9bcfa57023873f12388f47c1faa1a65145eed319daf80b7dec82a524439d840d65194c1ab104e296cbffad22c21dec6e8cb
SSDEEP

1536:jIr3YriYiUi+H++o1eVlXd+8c0GXmvJJNHjLwl50fPGX:jyYti0pXd+8c0GWvJ3Hvwl5l

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  NEAS.1baaf4bfd7943e427e3d0e472f4119d0_JC.exe
- Size
  
  76KB
- MD5
  
  1baaf4bfd7943e427e3d0e472f4119d0
- SHA1
  
  8f174f4f282f43af4758454fd46e0427be90c6fa
- SHA256
  
  9a4c4098645829ae3b5f7830fedd58798ebbf96f0173c90031de1a0d943340d4
- SHA512
  
  45c6d9efb75c2dbde50298660135a9bcfa57023873f12388f47c1faa1a65145eed319daf80b7dec82a524439d840d65194c1ab104e296cbffad22c21dec6e8cb
- SSDEEP
  
  1536:jIr3YriYiUi+H++o1eVlXd+8c0GXmvJJNHjLwl50fPGX:jyYti0pXd+8c0GWvJ3Hvwl5l
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2