urelas | ab606707a0af318a5c6de74150537db93d2c0f35b5a29c54a88ae4d34dbd2c35 | Triage

Sharing

General

Target

NEAS.6240cda4202c834e1011a6f64d524990.exe
Size

404KB
Sample

231115-ghctpsda89
MD5

6240cda4202c834e1011a6f64d524990
SHA1

2729d163ae56f2beeff217e4f818c3192d339094
SHA256

ab606707a0af318a5c6de74150537db93d2c0f35b5a29c54a88ae4d34dbd2c35
SHA512

fd968d3a78601a774fa54c2bdb0014417e58becf4a86f563780682d2fd463e31222f8014b25404b4b0f44af206d6db89d863109473163af6600aa062e6a1d2c7
SSDEEP

6144:UzU7blKDlTiCWhWapKRaRXOkN4Swel6f3IuOI:uU7M1ijWh0XOW4sEfHOI

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

- Target
  
  NEAS.6240cda4202c834e1011a6f64d524990.exe
- Size
  
  404KB
- MD5
  
  6240cda4202c834e1011a6f64d524990
- SHA1
  
  2729d163ae56f2beeff217e4f818c3192d339094
- SHA256
  
  ab606707a0af318a5c6de74150537db93d2c0f35b5a29c54a88ae4d34dbd2c35
- SHA512
  
  fd968d3a78601a774fa54c2bdb0014417e58becf4a86f563780682d2fd463e31222f8014b25404b4b0f44af206d6db89d863109473163af6600aa062e6a1d2c7
- SSDEEP
  
  6144:UzU7blKDlTiCWhWapKRaRXOkN4Swel6f3IuOI:uU7M1ijWh0XOW4sEfHOI
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2