urelas | 07e76d48048f345831535e1483a3013ca8e2c1b9a96511304ddbf8935c4b8d88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3430ee8706cd29a5daf62024b67b825e
Size

487KB
Sample

240409-x3km2sah2s
MD5

3430ee8706cd29a5daf62024b67b825e
SHA1

e2cba5141d3667eab23b1be0b42f79f9706400a6
SHA256

07e76d48048f345831535e1483a3013ca8e2c1b9a96511304ddbf8935c4b8d88
SHA512

5db5033d37def9d917a43167f5af963aeb0c8578710e734c115e89d3f49c1b5eb3cb2515653e6cf53559af859d79d7f951596d7c535f0b0edad22d520925f8ea
SSDEEP

12288:cpbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhy:cpbGRZxSfGCUs99hq5Ja

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  3430ee8706cd29a5daf62024b67b825e
- Size
  
  487KB
- MD5
  
  3430ee8706cd29a5daf62024b67b825e
- SHA1
  
  e2cba5141d3667eab23b1be0b42f79f9706400a6
- SHA256
  
  07e76d48048f345831535e1483a3013ca8e2c1b9a96511304ddbf8935c4b8d88
- SHA512
  
  5db5033d37def9d917a43167f5af963aeb0c8578710e734c115e89d3f49c1b5eb3cb2515653e6cf53559af859d79d7f951596d7c535f0b0edad22d520925f8ea
- SSDEEP
  
  12288:cpbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhy:cpbGRZxSfGCUs99hq5Ja
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2