urelas | 540be617e7722af56931ac9f8e905f932d6241540eae989f299a7c082ede5e13 | Triage

Sharing

General

Target

ca6f9c631995d60ec3148e58eed83189
Size

136KB
Sample

240315-emf1tahh68
MD5

ca6f9c631995d60ec3148e58eed83189
SHA1

77074e3eb52829a531d3894fe5564eb3a8c0acf6
SHA256

540be617e7722af56931ac9f8e905f932d6241540eae989f299a7c082ede5e13
SHA512

1ab769ef310900e5e55cd61a6d9aed4dff97f6d793cc8294d16d89b28bc56029f555a3acc613770fc0358cda6af3578afcddfa6b26ddeaae7a74b6af0913b544
SSDEEP

1536:P/oEkqfCZ10zcT9Yh8AIXcjyz9cOXfiXGImcatMrsWjcdf6odgR5APs:P/5kqCxiXEcO3XfGf2tMUf6odgR5AU

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  ca6f9c631995d60ec3148e58eed83189
- Size
  
  136KB
- MD5
  
  ca6f9c631995d60ec3148e58eed83189
- SHA1
  
  77074e3eb52829a531d3894fe5564eb3a8c0acf6
- SHA256
  
  540be617e7722af56931ac9f8e905f932d6241540eae989f299a7c082ede5e13
- SHA512
  
  1ab769ef310900e5e55cd61a6d9aed4dff97f6d793cc8294d16d89b28bc56029f555a3acc613770fc0358cda6af3578afcddfa6b26ddeaae7a74b6af0913b544
- SSDEEP
  
  1536:P/oEkqfCZ10zcT9Yh8AIXcjyz9cOXfiXGImcatMrsWjcdf6odgR5APs:P/5kqCxiXEcO3XfGf2tMUf6odgR5AU
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2