urelas | 93a542aacbcb9418f9a7b03429cb9316a61bc8b56828b05031a2d15798bc11fa | Triage

Sharing

General

Target

93a542aacbcb9418f9a7b03429cb9316a61bc8b56828b05031a2d15798bc11fa
Size

364KB
Sample

240406-akmncsfh37
MD5

01436530a833b9617985a12d9fff79da
SHA1

cea679da0d5fd6cdaf8b727c2b595778a885ac40
SHA256

93a542aacbcb9418f9a7b03429cb9316a61bc8b56828b05031a2d15798bc11fa
SHA512

13248d6a0501fd71d940ece7311f50bc82c572773e6066e5bb07b45cbfa375a8d166f34c7ac634701df8d2f7a380188cc8ce2c17eb9d7c7c250f244cf76ff9fe
SSDEEP

6144:OuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pu:OzGL2C2aZ2/F1WHHUaveOHjTa

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

- Target
  
  93a542aacbcb9418f9a7b03429cb9316a61bc8b56828b05031a2d15798bc11fa
- Size
  
  364KB
- MD5
  
  01436530a833b9617985a12d9fff79da
- SHA1
  
  cea679da0d5fd6cdaf8b727c2b595778a885ac40
- SHA256
  
  93a542aacbcb9418f9a7b03429cb9316a61bc8b56828b05031a2d15798bc11fa
- SHA512
  
  13248d6a0501fd71d940ece7311f50bc82c572773e6066e5bb07b45cbfa375a8d166f34c7ac634701df8d2f7a380188cc8ce2c17eb9d7c7c250f244cf76ff9fe
- SSDEEP
  
  6144:OuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pu:OzGL2C2aZ2/F1WHHUaveOHjTa
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2