urelas | b7f9d23a79a3584615b96aad5335707ca944ac2306c1c9d5558abd91bcb9d1ec | Triage

Sharing

General

Target

4790440ba0e67149cff353930fb72ac7
Size

535KB
Sample

231226-a69p1shdb8
MD5

4790440ba0e67149cff353930fb72ac7
SHA1

8124005da70ff24dbc969f0b85b81ee741727676
SHA256

b7f9d23a79a3584615b96aad5335707ca944ac2306c1c9d5558abd91bcb9d1ec
SHA512

1a4672d90139b23328714192e5522fde6d4f5cc89d8671200112f7266889ca625637412de77007d0ba5779f0e08d6a4f2e97e294ef88d9b1b448f164bdfb2af1
SSDEEP

12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NP6:q0P/k4lb2wKat6

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

- Target
  
  4790440ba0e67149cff353930fb72ac7
- Size
  
  535KB
- MD5
  
  4790440ba0e67149cff353930fb72ac7
- SHA1
  
  8124005da70ff24dbc969f0b85b81ee741727676
- SHA256
  
  b7f9d23a79a3584615b96aad5335707ca944ac2306c1c9d5558abd91bcb9d1ec
- SHA512
  
  1a4672d90139b23328714192e5522fde6d4f5cc89d8671200112f7266889ca625637412de77007d0ba5779f0e08d6a4f2e97e294ef88d9b1b448f164bdfb2af1
- SSDEEP
  
  12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NP6:q0P/k4lb2wKat6
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2