urelas | 97f4f39071a20093e621287cffbbc68908917a9aeb64449fcead651349e857db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cbd44e687e23737a34fae51d7ef51cc
Size

446KB
Sample

240101-nn3ewaced2
MD5

3cbd44e687e23737a34fae51d7ef51cc
SHA1

8bfbbf8f20ae6c719ada1e44adcfb69a27998b40
SHA256

97f4f39071a20093e621287cffbbc68908917a9aeb64449fcead651349e857db
SHA512

2efd9dd11186a4f67c94aaff35f80f5b6564a966c09eb0e9eee2a7058717a1c17d4bcb30ff06983c4a66766dd945349568fbdfe25660d13802b82be9b18a4878
SSDEEP

6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOp0:PMpASIcWYx2U6hAJQnJ

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  3cbd44e687e23737a34fae51d7ef51cc
- Size
  
  446KB
- MD5
  
  3cbd44e687e23737a34fae51d7ef51cc
- SHA1
  
  8bfbbf8f20ae6c719ada1e44adcfb69a27998b40
- SHA256
  
  97f4f39071a20093e621287cffbbc68908917a9aeb64449fcead651349e857db
- SHA512
  
  2efd9dd11186a4f67c94aaff35f80f5b6564a966c09eb0e9eee2a7058717a1c17d4bcb30ff06983c4a66766dd945349568fbdfe25660d13802b82be9b18a4878
- SSDEEP
  
  6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOp0:PMpASIcWYx2U6hAJQnJ
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2