urelas | 94181c81dadb20f8c08e403539ac887ce483115f2df8d3817feab2b204b6714d | Triage

Sharing

General

Target

NEAS.5abe6d760deb88c44b47dbf866e16120.exe
Size

466KB
Sample

231102-t8g8bsaf66
MD5

5abe6d760deb88c44b47dbf866e16120
SHA1

0af4527d0fe047cee6dd432d4a267631c1cee103
SHA256

94181c81dadb20f8c08e403539ac887ce483115f2df8d3817feab2b204b6714d
SHA512

c19443c2eba178afb656f088f5f0ab37fafd686642ec74d6f9d09bbd3aa0027b8b199e50f9b6aa90a5de4f0b593e75f54cd42b1783f882e8122ef3bf87e90725
SSDEEP

12288:j3CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6m8:jx9GzHlTv/b35tecFB6p

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

121.88.5.184

Targets

- Target
  
  NEAS.5abe6d760deb88c44b47dbf866e16120.exe
- Size
  
  466KB
- MD5
  
  5abe6d760deb88c44b47dbf866e16120
- SHA1
  
  0af4527d0fe047cee6dd432d4a267631c1cee103
- SHA256
  
  94181c81dadb20f8c08e403539ac887ce483115f2df8d3817feab2b204b6714d
- SHA512
  
  c19443c2eba178afb656f088f5f0ab37fafd686642ec74d6f9d09bbd3aa0027b8b199e50f9b6aa90a5de4f0b593e75f54cd42b1783f882e8122ef3bf87e90725
- SSDEEP
  
  12288:j3CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6m8:jx9GzHlTv/b35tecFB6p
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2