urelas | d0cf1eafd7cf8ecc46c0975c0792551f2dfa14a90d323131b74c08c4fd0bd2ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

026c732a5566da6a26a65a14619c02f0_exe32_JC.exe
Size

354KB
Sample

231015-s9zy4aha6t
MD5

026c732a5566da6a26a65a14619c02f0
SHA1

fa999ca6371b84a4d8d8daf35bd5e3ddc7b47595
SHA256

d0cf1eafd7cf8ecc46c0975c0792551f2dfa14a90d323131b74c08c4fd0bd2ca
SHA512

9b29d0543cf9e11b2a0e999597e8ee18836c304502aba4747a02570700e88033c1bf60385f2a4ae8cf89d36e122608c7417dba6d69019daa4eecf88bd94eea79
SSDEEP

6144:AmSxoGPeQ+tIOrOgFtFlBooGV8JI9PTdCfhS7rk2IEuFXV3WATRZ8HqRE:lSxJ2OcDi2i9PjftuFXVGAMqq

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  026c732a5566da6a26a65a14619c02f0_exe32_JC.exe
- Size
  
  354KB
- MD5
  
  026c732a5566da6a26a65a14619c02f0
- SHA1
  
  fa999ca6371b84a4d8d8daf35bd5e3ddc7b47595
- SHA256
  
  d0cf1eafd7cf8ecc46c0975c0792551f2dfa14a90d323131b74c08c4fd0bd2ca
- SHA512
  
  9b29d0543cf9e11b2a0e999597e8ee18836c304502aba4747a02570700e88033c1bf60385f2a4ae8cf89d36e122608c7417dba6d69019daa4eecf88bd94eea79
- SSDEEP
  
  6144:AmSxoGPeQ+tIOrOgFtFlBooGV8JI9PTdCfhS7rk2IEuFXV3WATRZ8HqRE:lSxJ2OcDi2i9PjftuFXVGAMqq
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2