General

  • Target

    4e28059cfb209986795fb36f9f4cf2f3381433cf42c6dd14328f42cb029526ee

  • Size

    428KB

  • Sample

    240404-zfd8vshg7w

  • MD5

    0721cd569eac90a2b4ff0a2358f07bb6

  • SHA1

    7f46fceb4ef323c9dd96bac2152cc4261acf16ea

  • SHA256

    4e28059cfb209986795fb36f9f4cf2f3381433cf42c6dd14328f42cb029526ee

  • SHA512

    9da9bf38e77ed85c6be7c7009fb0a9a508ffe37750afb66b34300e7c837756958b8e39af83c644cfdb3f5d165331615affb77e6a7c419d0a730f27e8ce32803f

  • SSDEEP

    6144:hGOMmhsKI2ir5crKFHLZx2LpLDXeZOXOS/6zb5x:hGOIB5crKFHLZx2LpPeZOY

Score
10/10

Malware Config

Extracted

Family

urelas

C2

F121.88.5.184

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks