Extracted

• • Target

    NEAS.c0b531f0de9f7e8305b537535f9f0620.exe

  • Size

    200KB

  • MD5

    c0b531f0de9f7e8305b537535f9f0620

  • SHA1

    63bb2cd5430eb483f7878378e8f9607f678a20a2

  • SHA256

    91d9bb403c6ce7eece8eaf345dca0e1baf5bf4591e6b426ba3d921fcb177405c

  • SHA512

    86a67320786bb7fab27d0c4cf8ce3824e571f8588fde2c8fc373cae20fd68f1e986a89abbb352857501959688cc3680308d3b07725a3812902900fdb93742fff

  • SSDEEP

    1536:Ti+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjZ1g9B5McLaRQLd764cGPP:eYYutRQSc/7c6tJZm9B5MuaRQLd7643H

  Score

  10^/10

  urelastrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2