urelas | 255545ed1bd0d5209873370cc88901ad114fe8ce04fc3250bfb145153c562ac4 | Triage

Sharing

General

Target

aa387482fde8b6558331be3e65e21d30_exe32.exe
Size

340KB
Sample

231015-ye4axsdf81
MD5

aa387482fde8b6558331be3e65e21d30
SHA1

3ea1348a718b0486f56e70a961e87ed9fddf2ec6
SHA256

255545ed1bd0d5209873370cc88901ad114fe8ce04fc3250bfb145153c562ac4
SHA512

ed00ef26f5d786ee76c479ae757c8eb6781af9e1586d2c68e52dedc4acfb69409f9d8b39d6dc3ea38f06d1383ea0f43ff35aa67681f1d43f116d5e77217b9ca7
SSDEEP

6144:DX+psoWJ+IvLI7BziS3qoJGd2GexPZmxMcVp0Xps:ymoWkI094og2GgPZkiu

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  aa387482fde8b6558331be3e65e21d30_exe32.exe
- Size
  
  340KB
- MD5
  
  aa387482fde8b6558331be3e65e21d30
- SHA1
  
  3ea1348a718b0486f56e70a961e87ed9fddf2ec6
- SHA256
  
  255545ed1bd0d5209873370cc88901ad114fe8ce04fc3250bfb145153c562ac4
- SHA512
  
  ed00ef26f5d786ee76c479ae757c8eb6781af9e1586d2c68e52dedc4acfb69409f9d8b39d6dc3ea38f06d1383ea0f43ff35aa67681f1d43f116d5e77217b9ca7
- SSDEEP
  
  6144:DX+psoWJ+IvLI7BziS3qoJGd2GexPZmxMcVp0Xps:ymoWkI094og2GgPZkiu
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2