urelas | 38e440a5b202b43c33ef0b95bbfcf1018d60cb037c9dc78598ad1515aad7683d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEASbe4985805ec5cc8f8273b9c823153320exe.exe
Size

121KB
Sample

231102-vajtyabh94
MD5

be4985805ec5cc8f8273b9c823153320
SHA1

486c5d75de7912e61e2af2904e30fd7ffc8eccb9
SHA256

38e440a5b202b43c33ef0b95bbfcf1018d60cb037c9dc78598ad1515aad7683d
SHA512

1ac56c29b002fd724529ba69871904808de921cc629418300ed4ecb4337e93779ac22643dc5110b94f317090aa7a8ed26776552aac444ce7117e1b74bbe7d36c
SSDEEP

1536:DVih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YAiQ45D:DVSRBPCoLY5RIzNdy6YO45D

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  NEAS.NEASbe4985805ec5cc8f8273b9c823153320exe.exe
- Size
  
  121KB
- MD5
  
  be4985805ec5cc8f8273b9c823153320
- SHA1
  
  486c5d75de7912e61e2af2904e30fd7ffc8eccb9
- SHA256
  
  38e440a5b202b43c33ef0b95bbfcf1018d60cb037c9dc78598ad1515aad7683d
- SHA512
  
  1ac56c29b002fd724529ba69871904808de921cc629418300ed4ecb4337e93779ac22643dc5110b94f317090aa7a8ed26776552aac444ce7117e1b74bbe7d36c
- SSDEEP
  
  1536:DVih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YAiQ45D:DVSRBPCoLY5RIzNdy6YO45D
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2