urelas | f27fe47674baa074682184abacef5581279610f58efb35d7a4042856bfda759c | Triage

Sharing

General

Target

NEAS.052b72b2430cc11ea5808fabca8057a0_JC.exe
Size

320KB
Sample

231014-l75cgacb6t
MD5

052b72b2430cc11ea5808fabca8057a0
SHA1

9d25e7396c093b783647c15cd5ae9d0402499e76
SHA256

f27fe47674baa074682184abacef5581279610f58efb35d7a4042856bfda759c
SHA512

a16ba1261430aaad705594f2670ea9ed14a4946376fc69bb11185043116bff96bb5cb08f86f43d7e4cdafeb12a137237a47dc8c37cebc34b6a99056321bc3b75
SSDEEP

6144:sY4zSop9m06QbGTCnTRoOIH3FPA7AthtLpp:PkXpd6jqiOIHZAA

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  NEAS.052b72b2430cc11ea5808fabca8057a0_JC.exe
- Size
  
  320KB
- MD5
  
  052b72b2430cc11ea5808fabca8057a0
- SHA1
  
  9d25e7396c093b783647c15cd5ae9d0402499e76
- SHA256
  
  f27fe47674baa074682184abacef5581279610f58efb35d7a4042856bfda759c
- SHA512
  
  a16ba1261430aaad705594f2670ea9ed14a4946376fc69bb11185043116bff96bb5cb08f86f43d7e4cdafeb12a137237a47dc8c37cebc34b6a99056321bc3b75
- SSDEEP
  
  6144:sY4zSop9m06QbGTCnTRoOIH3FPA7AthtLpp:PkXpd6jqiOIHZAA
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2