urelas | eb0044b032e28f6f062a45f42fc40d4ee087b4bfbe5f3d793044b82d243095d5 | Triage

Sharing

General

Target

86238ad0ad91bc43331022484c2fc26e
Size

442KB
Sample

240409-2wzwlsbf8x
MD5

86238ad0ad91bc43331022484c2fc26e
SHA1

b07f2ea41524642adef3e0a7dd5897534bc71ee2
SHA256

eb0044b032e28f6f062a45f42fc40d4ee087b4bfbe5f3d793044b82d243095d5
SHA512

70ac907fa5d15854cbdedded719c9529e454fe2f9f77e453b401c839b849787fcfde0e71735728368ae0c567e3be3bff16f0358e38793b481b7315c0b893093e
SSDEEP

3072:yZ3vlHjQhJ3wE8iGK01Py3Vvsa26nfjQb6uNHG+yi38/rwdusS9V0alO2alNjgSr:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjoW

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

- Target
  
  86238ad0ad91bc43331022484c2fc26e
- Size
  
  442KB
- MD5
  
  86238ad0ad91bc43331022484c2fc26e
- SHA1
  
  b07f2ea41524642adef3e0a7dd5897534bc71ee2
- SHA256
  
  eb0044b032e28f6f062a45f42fc40d4ee087b4bfbe5f3d793044b82d243095d5
- SHA512
  
  70ac907fa5d15854cbdedded719c9529e454fe2f9f77e453b401c839b849787fcfde0e71735728368ae0c567e3be3bff16f0358e38793b481b7315c0b893093e
- SSDEEP
  
  3072:yZ3vlHjQhJ3wE8iGK01Py3Vvsa26nfjQb6uNHG+yi38/rwdusS9V0alO2alNjgSr:oo3wBi+1Py3V0a2WkRNgi3caOHO5NjoW
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2