urelas | 33413b258984ae33cb8b622bdbbeec3a572ab08e4d5fd0837fb194525c036d52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0b95b593846d690a5ea971b4c3e054e0.exe
Size

51KB
Sample

231031-krw6gsda33
MD5

0b95b593846d690a5ea971b4c3e054e0
SHA1

94576410c6f2c9d4991075acb90e0270f2e6b503
SHA256

33413b258984ae33cb8b622bdbbeec3a572ab08e4d5fd0837fb194525c036d52
SHA512

d7f762d5e0bf20f4793ee20ee81752c203c0205b0a1ab06a208d56ec1635deff0edec1c972c7a03b846c1f97dc0558384d205cea15c73020e9070ec38bc5d9da
SSDEEP

1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnUx7:It7R8fU6n8Ux7

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  NEAS.0b95b593846d690a5ea971b4c3e054e0.exe
- Size
  
  51KB
- MD5
  
  0b95b593846d690a5ea971b4c3e054e0
- SHA1
  
  94576410c6f2c9d4991075acb90e0270f2e6b503
- SHA256
  
  33413b258984ae33cb8b622bdbbeec3a572ab08e4d5fd0837fb194525c036d52
- SHA512
  
  d7f762d5e0bf20f4793ee20ee81752c203c0205b0a1ab06a208d56ec1635deff0edec1c972c7a03b846c1f97dc0558384d205cea15c73020e9070ec38bc5d9da
- SSDEEP
  
  1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnUx7:It7R8fU6n8Ux7
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2