urelas | 1381e590a69019b2ad03d5ea4be1170f65957b4ed944d22050735ba129d5268f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.7c3158d2c22e523cddda4b11ffd8bcc0.exe
Size

366KB
Sample

231028-ynzzvsac69
MD5

7c3158d2c22e523cddda4b11ffd8bcc0
SHA1

39475e06639ead748aecb66ff13cf144561a7535
SHA256

1381e590a69019b2ad03d5ea4be1170f65957b4ed944d22050735ba129d5268f
SHA512

5ea4abebf13198f00d2e7ac2bfb129d66b9b08075f0c06a079f98cdd7222868ffb46b02e28eb76a5dcd9fab8a3866ef71e6b79de66d94e65676f1b160e7a8851
SSDEEP

6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pz:CzGL2C2aZ2/F1WHHUaveOHjT/

Score

10^/10

urelas trojan

Malware Config

Targets

- Target
  
  NEAS.7c3158d2c22e523cddda4b11ffd8bcc0.exe
- Size
  
  366KB
- MD5
  
  7c3158d2c22e523cddda4b11ffd8bcc0
- SHA1
  
  39475e06639ead748aecb66ff13cf144561a7535
- SHA256
  
  1381e590a69019b2ad03d5ea4be1170f65957b4ed944d22050735ba129d5268f
- SHA512
  
  5ea4abebf13198f00d2e7ac2bfb129d66b9b08075f0c06a079f98cdd7222868ffb46b02e28eb76a5dcd9fab8a3866ef71e6b79de66d94e65676f1b160e7a8851
- SSDEEP
  
  6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pz:CzGL2C2aZ2/F1WHHUaveOHjT/
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2