urelas | e518625844848805ddf2dae9479ccdfdf6013084b68910cd004954aa81e30791 | Triage

Sharing

General

Target

e518625844848805ddf2dae9479ccdfdf6013084b68910cd004954aa81e30791
Size

344KB
Sample

240320-bz272aeb7v
MD5

e90fbfc35090355aec173d79341b7b8c
SHA1

6de2e18af5013c1236f691d03fe739471126a42e
SHA256

e518625844848805ddf2dae9479ccdfdf6013084b68910cd004954aa81e30791
SHA512

c9fdc21fc07ea8272cfa9555316d91df9fab5d226f5c696b78d4cb4461df8ab4b35a01da0d3ca46ce229e945bb33ae23f1c7fb39c4ba1764af50d70915623610
SSDEEP

6144:DX+psoWJ+IvLI7BziS3qoJGd2GexPZmxMcVp0XpY:ymoWkI094og2GgPZkiC

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  e518625844848805ddf2dae9479ccdfdf6013084b68910cd004954aa81e30791
- Size
  
  344KB
- MD5
  
  e90fbfc35090355aec173d79341b7b8c
- SHA1
  
  6de2e18af5013c1236f691d03fe739471126a42e
- SHA256
  
  e518625844848805ddf2dae9479ccdfdf6013084b68910cd004954aa81e30791
- SHA512
  
  c9fdc21fc07ea8272cfa9555316d91df9fab5d226f5c696b78d4cb4461df8ab4b35a01da0d3ca46ce229e945bb33ae23f1c7fb39c4ba1764af50d70915623610
- SSDEEP
  
  6144:DX+psoWJ+IvLI7BziS3qoJGd2GexPZmxMcVp0XpY:ymoWkI094og2GgPZkiC
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2