Extracted

• • Target

    c696b1ba3409aa799769815a4bcc1da27e52e80b8fc2731d6e1713ff52be9160

  • Size

    342KB

  • MD5

    1e805c0b8a34c6295ec6e7d02c0f0539

  • SHA1

    79ab51cb5f5b2b4141eb1a3ec88ee45aca06d027

  • SHA256

    c696b1ba3409aa799769815a4bcc1da27e52e80b8fc2731d6e1713ff52be9160

  • SHA512

    38a508d1100e91f4845b6933dfc432d4c8ef658da1d2bc817cc7dfb3e4e17c4386fb4685e8a3ffb4cc6a312853b81ee49be8c97e0758ab68aabd445f286dadea

  • SSDEEP

    6144:Nd7rpL43btmQ58Z27zw39gY2FeZhrL8Jt:X7dL4AZ0U9gY2Fhz

  Score

  10^/10

  urelasaspackv2trojan

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2