urelas | c9a7fbc74f14fd0561ba21366dbf3f0b053bc65bc078622c61b2881cadbc47e9 | Triage

Sharing

General

Target

299aba363caef390fbc4bd35f09718dd
Size

401KB
Sample

231231-fxx8hsbedq
MD5

299aba363caef390fbc4bd35f09718dd
SHA1

86cc9f5714875325e3f582176cf50e1d2b6887ba
SHA256

c9a7fbc74f14fd0561ba21366dbf3f0b053bc65bc078622c61b2881cadbc47e9
SHA512

7071f458001f56b80bdfcd4ff5ed3a036d48f7ce26f5b5cc9aecb8b45fb1b3d112c94e345682e8f250a8d97529bae56e3227b5786f57a065e26ff1cae9d60272
SSDEEP

6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrohJh:8IfBoDWoyFblU6hAJQnOTh

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  299aba363caef390fbc4bd35f09718dd
- Size
  
  401KB
- MD5
  
  299aba363caef390fbc4bd35f09718dd
- SHA1
  
  86cc9f5714875325e3f582176cf50e1d2b6887ba
- SHA256
  
  c9a7fbc74f14fd0561ba21366dbf3f0b053bc65bc078622c61b2881cadbc47e9
- SHA512
  
  7071f458001f56b80bdfcd4ff5ed3a036d48f7ce26f5b5cc9aecb8b45fb1b3d112c94e345682e8f250a8d97529bae56e3227b5786f57a065e26ff1cae9d60272
- SSDEEP
  
  6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrohJh:8IfBoDWoyFblU6hAJQnOTh
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2