urelas | 2d466d012e3d3f8ce5f3e706819fee38a007da22dc1a4d783155d3a48109677f | Triage

Sharing

General

Target

2d466d012e3d3f8ce5f3e706819fee38a007da22dc1a4d783155d3a48109677f
Size

429KB
Sample

240309-1dlqlabe9z
MD5

9294bd2ca427009b82d25fbfeb5667ea
SHA1

3c2ed17e6ecc8fce2b986e336632cd3701928069
SHA256

2d466d012e3d3f8ce5f3e706819fee38a007da22dc1a4d783155d3a48109677f
SHA512

7da486dab91cd309ca55c16049a8eb7bd156adf8e998e6d57b4c54dc44c988254449b71741328ef650080207df2f64f367d8b545cbc4b44cf8a9e5fb4444a022
SSDEEP

6144:UzU7blKaP2iCWhWapKRaRXOkN4Swel6f3IuODGLJGHf:uU7M5ijWh0XOW4sEfHOD

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

- Target
  
  2d466d012e3d3f8ce5f3e706819fee38a007da22dc1a4d783155d3a48109677f
- Size
  
  429KB
- MD5
  
  9294bd2ca427009b82d25fbfeb5667ea
- SHA1
  
  3c2ed17e6ecc8fce2b986e336632cd3701928069
- SHA256
  
  2d466d012e3d3f8ce5f3e706819fee38a007da22dc1a4d783155d3a48109677f
- SHA512
  
  7da486dab91cd309ca55c16049a8eb7bd156adf8e998e6d57b4c54dc44c988254449b71741328ef650080207df2f64f367d8b545cbc4b44cf8a9e5fb4444a022
- SSDEEP
  
  6144:UzU7blKaP2iCWhWapKRaRXOkN4Swel6f3IuODGLJGHf:uU7M5ijWh0XOW4sEfHOD
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2