urelas | 81f5fc7247797d5d8dfb5860cd12535ac879ec2507ac934cdf2d05e76c2d59f7 | Triage

Sharing

General

Target

a9c0800d6f48953b981576b464623ad7
Size

441KB
Sample

240227-v5h6wsfd6t
MD5

a9c0800d6f48953b981576b464623ad7
SHA1

aa0e2fd82c0c55f6d01d06863ca8aaf88255db68
SHA256

81f5fc7247797d5d8dfb5860cd12535ac879ec2507ac934cdf2d05e76c2d59f7
SHA512

229b4abfce3c63fc65c648c2496dbbd28a5388e4b7da05d377f4f030f6b1ee9bedf257dcb8c291ebf2ff87acd2ebc2e74d1e169e0d98827c1702c805bd4e64bd
SSDEEP

6144:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjEwwiYWB5mV4Pzw9ygibGGMb:rKf1PyKa2H3hOHOHz9JQ6zBQ

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

- Target
  
  a9c0800d6f48953b981576b464623ad7
- Size
  
  441KB
- MD5
  
  a9c0800d6f48953b981576b464623ad7
- SHA1
  
  aa0e2fd82c0c55f6d01d06863ca8aaf88255db68
- SHA256
  
  81f5fc7247797d5d8dfb5860cd12535ac879ec2507ac934cdf2d05e76c2d59f7
- SHA512
  
  229b4abfce3c63fc65c648c2496dbbd28a5388e4b7da05d377f4f030f6b1ee9bedf257dcb8c291ebf2ff87acd2ebc2e74d1e169e0d98827c1702c805bd4e64bd
- SSDEEP
  
  6144:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjEwwiYWB5mV4Pzw9ygibGGMb:rKf1PyKa2H3hOHOHz9JQ6zBQ
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2