urelas | a3d93ac6346281e7dee8546016bf2114e3d45e39210b1b45d4a70246d4fa4265 | Triage

Sharing

General

Target

NEAS.1be0175b239625d2b3ed3642c0a703e0_JC.exe
Size

454KB
Sample

231103-zv3vrsad2t
MD5

1be0175b239625d2b3ed3642c0a703e0
SHA1

f24a9b1e5d8ca62d936c6f320eeaa7b38a6e9272
SHA256

a3d93ac6346281e7dee8546016bf2114e3d45e39210b1b45d4a70246d4fa4265
SHA512

e661f10c66c97276665888c29c3e8341e87d0be098ae7750617e63a582817bbd6ef66860787f4de2fa6f1bb321bcf5e6053c10587c748eaa8bdb3a7334b859f7
SSDEEP

6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhVOpdFRdm/3le:LMpASIcWYx2U6hAJVN0

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  NEAS.1be0175b239625d2b3ed3642c0a703e0_JC.exe
- Size
  
  454KB
- MD5
  
  1be0175b239625d2b3ed3642c0a703e0
- SHA1
  
  f24a9b1e5d8ca62d936c6f320eeaa7b38a6e9272
- SHA256
  
  a3d93ac6346281e7dee8546016bf2114e3d45e39210b1b45d4a70246d4fa4265
- SHA512
  
  e661f10c66c97276665888c29c3e8341e87d0be098ae7750617e63a582817bbd6ef66860787f4de2fa6f1bb321bcf5e6053c10587c748eaa8bdb3a7334b859f7
- SSDEEP
  
  6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhVOpdFRdm/3le:LMpASIcWYx2U6hAJVN0
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2