urelas | 9f80dbebf6a0eff41036bdc501002d424e6dd617b678ea6a115a18682a3da42b | Triage

Sharing

General

Target

NEAS.8258c7d749681951cff040c91ef03340_JC.exe
Size

161KB
Sample

231104-1ew8qahd46
MD5

8258c7d749681951cff040c91ef03340
SHA1

406f9018b418ae80165a586e280e0032a9a28af9
SHA256

9f80dbebf6a0eff41036bdc501002d424e6dd617b678ea6a115a18682a3da42b
SHA512

d0449329b646cdc95d6da96b0336b22b9849111573601c8c8513c8067d631adbd37bb2e1e450b1233afdf377091d317e36208116d38110b1b6e2c8da93bf98ee
SSDEEP

3072:9p56zRJ83+OJ7NoGvdwWy6k04yW/KlQ2C:9OzRWu27dlOd5sk

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  NEAS.8258c7d749681951cff040c91ef03340_JC.exe
- Size
  
  161KB
- MD5
  
  8258c7d749681951cff040c91ef03340
- SHA1
  
  406f9018b418ae80165a586e280e0032a9a28af9
- SHA256
  
  9f80dbebf6a0eff41036bdc501002d424e6dd617b678ea6a115a18682a3da42b
- SHA512
  
  d0449329b646cdc95d6da96b0336b22b9849111573601c8c8513c8067d631adbd37bb2e1e450b1233afdf377091d317e36208116d38110b1b6e2c8da93bf98ee
- SSDEEP
  
  3072:9p56zRJ83+OJ7NoGvdwWy6k04yW/KlQ2C:9OzRWu27dlOd5sk
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2