urelas | f6c8a2b59adf369b7096bbffb617c22e767ac6f6d9ba40966ed346e59d6a84a3 | Triage

Sharing

General

Target

NEAS.e32ef0e287e6b5e284b882356a849220.exe
Size

344KB
Sample

231031-kx5d2sge97
MD5

e32ef0e287e6b5e284b882356a849220
SHA1

249ecaba9a2302d5b41fb7dbdcfa845fe06a8d7b
SHA256

f6c8a2b59adf369b7096bbffb617c22e767ac6f6d9ba40966ed346e59d6a84a3
SHA512

bbaa666ef50a94c325a11fcb08ed3f4c5007886274347ec0d9e168115561abfd6bef0399b282ecfadf49eb83ae14d3906b9668dfd901653472c20e1b82e06204
SSDEEP

6144:SaVKyyzwbnUkoiqwcAR92o29tZTEr6UTdO5CksxCDy9pPbzBHU2ytlu8:g7yUTihRQhE9ONs46pP3BHUbtT

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  NEAS.e32ef0e287e6b5e284b882356a849220.exe
- Size
  
  344KB
- MD5
  
  e32ef0e287e6b5e284b882356a849220
- SHA1
  
  249ecaba9a2302d5b41fb7dbdcfa845fe06a8d7b
- SHA256
  
  f6c8a2b59adf369b7096bbffb617c22e767ac6f6d9ba40966ed346e59d6a84a3
- SHA512
  
  bbaa666ef50a94c325a11fcb08ed3f4c5007886274347ec0d9e168115561abfd6bef0399b282ecfadf49eb83ae14d3906b9668dfd901653472c20e1b82e06204
- SSDEEP
  
  6144:SaVKyyzwbnUkoiqwcAR92o29tZTEr6UTdO5CksxCDy9pPbzBHU2ytlu8:g7yUTihRQhE9ONs46pP3BHUbtT
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2