urelas | 4e9e433cedd5814a0c0f26403379f3ca190321ae72d471cb2c3a21c8b904b485 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ab0cc236f09e4072aa5f42c628a46358_JC.exe
Size

61KB
Sample

231014-mwmtqaee86
MD5

ab0cc236f09e4072aa5f42c628a46358
SHA1

84a3beeaeaafd200ccc2eb9b790cc3e0560a13f0
SHA256

4e9e433cedd5814a0c0f26403379f3ca190321ae72d471cb2c3a21c8b904b485
SHA512

5be580a823db3e975fe952d60c6a6a6a161d04b54d56446235b959912d6aa0161c78802faf396013c9f1522f76fc6d0c86492cef13fca56c1b397dd0c43a8b43
SSDEEP

1536:ZjMcyJNDLl7bSHliJQmpoDX+wtS1syxMR8EITC:ZjwfvQlEhpoT3YVWiEWC

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

- Target
  
  NEAS.ab0cc236f09e4072aa5f42c628a46358_JC.exe
- Size
  
  61KB
- MD5
  
  ab0cc236f09e4072aa5f42c628a46358
- SHA1
  
  84a3beeaeaafd200ccc2eb9b790cc3e0560a13f0
- SHA256
  
  4e9e433cedd5814a0c0f26403379f3ca190321ae72d471cb2c3a21c8b904b485
- SHA512
  
  5be580a823db3e975fe952d60c6a6a6a161d04b54d56446235b959912d6aa0161c78802faf396013c9f1522f76fc6d0c86492cef13fca56c1b397dd0c43a8b43
- SSDEEP
  
  1536:ZjMcyJNDLl7bSHliJQmpoDX+wtS1syxMR8EITC:ZjwfvQlEhpoT3YVWiEWC
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2