urelas | 8115a6c77baaf06e2ac564cd3752141c00cafdf1b0d269643411c963ca1af1c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

135a7626a395f99a124d702dfead30cc_JaffaCakes118
Size

192KB
Sample

240329-ac7zbscb7v
MD5

135a7626a395f99a124d702dfead30cc
SHA1

412ee96144612b34b4bbe99075379dd837102e81
SHA256

8115a6c77baaf06e2ac564cd3752141c00cafdf1b0d269643411c963ca1af1c3
SHA512

c93656f2426300a316b48944cf5b568af78ec128534c62c77de51704ac7a77f5de9dd97aa8c9cf6bde89446f258f9f9f19f75137637c2901163af2d05554de40
SSDEEP

3072:gAwixCZ6Sh77R2Gpf606U8v0e7OIgPDFIbbzhPM67fIh1:gExhk7rh7NEOIYWlPM6r61

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  135a7626a395f99a124d702dfead30cc_JaffaCakes118
- Size
  
  192KB
- MD5
  
  135a7626a395f99a124d702dfead30cc
- SHA1
  
  412ee96144612b34b4bbe99075379dd837102e81
- SHA256
  
  8115a6c77baaf06e2ac564cd3752141c00cafdf1b0d269643411c963ca1af1c3
- SHA512
  
  c93656f2426300a316b48944cf5b568af78ec128534c62c77de51704ac7a77f5de9dd97aa8c9cf6bde89446f258f9f9f19f75137637c2901163af2d05554de40
- SSDEEP
  
  3072:gAwixCZ6Sh77R2Gpf606U8v0e7OIgPDFIbbzhPM67fIh1:gExhk7rh7NEOIYWlPM6r61
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2