General

  • Target

    1aa81f2c899008b1f482206e0a73588f63c16c17c829169ed34ab2553e6232e8

  • Size

    247KB

  • Sample

    240310-yfjmxaag29

  • MD5

    6bc8b8ea22ded629343c7cd37d165b69

  • SHA1

    ac644dbe00940622e829eea2c7ff98ddde7f2979

  • SHA256

    1aa81f2c899008b1f482206e0a73588f63c16c17c829169ed34ab2553e6232e8

  • SHA512

    9335907ea8c7b3190adb4368238eb47b05eb279f7dc0195de681d3b33b2758377b7ef657de0d094e75606a49e97129780f6a108c68e586a4b1882c008268cc5b

  • SSDEEP

    3072:YYB4Qlayj4kOLH7yUzOu376z6zODggW9VzzOninjdJpHk:5yQlayj4vLmar6zFVWjzzPRJpHk

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.184

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15