Extracted

• • Target

    09c9dd6abab301931c8e560b826845b4

  • Size

    329KB

  • MD5

    09c9dd6abab301931c8e560b826845b4

  • SHA1

    d721e5288882b02ffc0cd9b9f441361eaf68dc31

  • SHA256

    bd147ccbee28c0df647e90d23b369904c900845a571010750356d773717e62ae

  • SHA512

    94ada4c724104485a2c89936b6353a8d9ac172740a93e2230d3ef41e7ae44fd302e635fd20cdd1f9f2871c901ba21309095f2f67287489bdee6fdde946dfcf31

  • SSDEEP

    3072:NdXi+V5Kgxpdxj8gbib20xTyst542t8ZHWBow8+zoB91wDQgJl0x2AEMenKbZisR:Nd7rpL43btmQ58Z27zw39gY2FeZhJ

  Score

  10^/10

  urelasaspackv2trojan

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2