urelas | 33c550e7d8a526bf5fa92c9946a292769cb78d4f54b7221a6960740feaccc8eb | Triage

Sharing

General

Target

NEAS.bd711982026f3a86ef657bcfc639ca30.exe
Size

203KB
Sample

231013-zehvnaha92
MD5

bd711982026f3a86ef657bcfc639ca30
SHA1

e2bd2b0dd4e8823e3a29679acefc54d2804190cb
SHA256

33c550e7d8a526bf5fa92c9946a292769cb78d4f54b7221a6960740feaccc8eb
SHA512

510bc867f1da1dbe7a31bcb5b7db9f43323388b1dc69125ba4144a363e862c4bd0bab7ae2b11702e343787b84889c03c654190c2fd213135db7cf02fc1313700
SSDEEP

3072:DPijU4kcITkEnbBvByrEVoULptsdXfBo/DBJBGzkP9T:LijBkcITtnbBvnjLpSa/B

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.28.139

Targets

- Target
  
  NEAS.bd711982026f3a86ef657bcfc639ca30.exe
- Size
  
  203KB
- MD5
  
  bd711982026f3a86ef657bcfc639ca30
- SHA1
  
  e2bd2b0dd4e8823e3a29679acefc54d2804190cb
- SHA256
  
  33c550e7d8a526bf5fa92c9946a292769cb78d4f54b7221a6960740feaccc8eb
- SHA512
  
  510bc867f1da1dbe7a31bcb5b7db9f43323388b1dc69125ba4144a363e862c4bd0bab7ae2b11702e343787b84889c03c654190c2fd213135db7cf02fc1313700
- SSDEEP
  
  3072:DPijU4kcITkEnbBvByrEVoULptsdXfBo/DBJBGzkP9T:LijBkcITtnbBvnjLpSa/B
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2