urelas | 6706ce52c6513f9b66c67d199e835f72195fef53bc87a4f20190aca45052363f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.78f356ee098ffc38cbaf4f3c22a29530.exe
Size

58KB
Sample

231102-t89btahb4v
MD5

78f356ee098ffc38cbaf4f3c22a29530
SHA1

9f824214c8e97716790822deaa77a91bd3f5f406
SHA256

6706ce52c6513f9b66c67d199e835f72195fef53bc87a4f20190aca45052363f
SHA512

a5c46cf871b10755c891459ad9a1945a107d0b1e9b4e41f531e3017d5eedadec3f72e94a4debc21cf15c5d1a16a2d567c728e84364dccbc72f4d84334f7016b2
SSDEEP

768:6b4zb59Yix/RoyH+5flZirYqc97vFvrpaZG3DHvTdA9GgnOuS5ZFYycKZpFZx5EF:6bQx5oPsr2vFxDPhAvzgAQzFZ77Mp

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  NEAS.78f356ee098ffc38cbaf4f3c22a29530.exe
- Size
  
  58KB
- MD5
  
  78f356ee098ffc38cbaf4f3c22a29530
- SHA1
  
  9f824214c8e97716790822deaa77a91bd3f5f406
- SHA256
  
  6706ce52c6513f9b66c67d199e835f72195fef53bc87a4f20190aca45052363f
- SHA512
  
  a5c46cf871b10755c891459ad9a1945a107d0b1e9b4e41f531e3017d5eedadec3f72e94a4debc21cf15c5d1a16a2d567c728e84364dccbc72f4d84334f7016b2
- SSDEEP
  
  768:6b4zb59Yix/RoyH+5flZirYqc97vFvrpaZG3DHvTdA9GgnOuS5ZFYycKZpFZx5EF:6bQx5oPsr2vFxDPhAvzgAQzFZ77Mp
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2