urelas | ae130229b99f6c1e716bce2186d6a269bf9f6abbdb42c040ed0b9f910e65521f | Triage

Sharing

General

Target

b4624632352899f5b1dde2aac8902e00
Size

235KB
Sample

240305-lnr8ssbg41
MD5

b4624632352899f5b1dde2aac8902e00
SHA1

07ee4519a65231da6cf5ce5673eac51cd04ea1ac
SHA256

ae130229b99f6c1e716bce2186d6a269bf9f6abbdb42c040ed0b9f910e65521f
SHA512

1cedfa8b4775d20bca40cb266eb93a7a7aa1e925b402bd16d5ebb37e71b1ebe35e3cbafb63943837189ddbb51b3161cabfe15b7a6f1be694f4a4a992ac97f834
SSDEEP

3072:K8ASpvo0LKrXEX65ezpxJ2kbJ7mv73E2o/9sY2b:ZASpvo0LKkRzpxJ2kRqroib

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  b4624632352899f5b1dde2aac8902e00
- Size
  
  235KB
- MD5
  
  b4624632352899f5b1dde2aac8902e00
- SHA1
  
  07ee4519a65231da6cf5ce5673eac51cd04ea1ac
- SHA256
  
  ae130229b99f6c1e716bce2186d6a269bf9f6abbdb42c040ed0b9f910e65521f
- SHA512
  
  1cedfa8b4775d20bca40cb266eb93a7a7aa1e925b402bd16d5ebb37e71b1ebe35e3cbafb63943837189ddbb51b3161cabfe15b7a6f1be694f4a4a992ac97f834
- SSDEEP
  
  3072:K8ASpvo0LKrXEX65ezpxJ2kbJ7mv73E2o/9sY2b:ZASpvo0LKkRzpxJ2kRqroib
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2