urelas | 7944271bb179c31d75a959a56a5cef9a34c1a21e2a2ade96ff8cc5d74f94054e | Triage

Sharing

General

Target

7e5f099567222ed660a823bb7a624c30
Size

366KB
Sample

240409-ymjw9aca2t
MD5

7e5f099567222ed660a823bb7a624c30
SHA1

cc843f9a1616620e072faa2ae9990602a8df13ce
SHA256

7944271bb179c31d75a959a56a5cef9a34c1a21e2a2ade96ff8cc5d74f94054e
SHA512

6a219f8095b6845697dc12c5a618c4a8b48a1d1379104911dd3bafca241ab3bc2051c0ce6efe0d12f8c75fb0d9dd3254b48899ab6c54779cd697d0b484480177
SSDEEP

6144:OuJkl8DV12C28tLN2/FkCO0aHftvCGCBhDOHjTPmXHk62pO:OzGL2C2aZ2/F1XaveOHjTC

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

- Target
  
  7e5f099567222ed660a823bb7a624c30
- Size
  
  366KB
- MD5
  
  7e5f099567222ed660a823bb7a624c30
- SHA1
  
  cc843f9a1616620e072faa2ae9990602a8df13ce
- SHA256
  
  7944271bb179c31d75a959a56a5cef9a34c1a21e2a2ade96ff8cc5d74f94054e
- SHA512
  
  6a219f8095b6845697dc12c5a618c4a8b48a1d1379104911dd3bafca241ab3bc2051c0ce6efe0d12f8c75fb0d9dd3254b48899ab6c54779cd697d0b484480177
- SSDEEP
  
  6144:OuJkl8DV12C28tLN2/FkCO0aHftvCGCBhDOHjTPmXHk62pO:OzGL2C2aZ2/F1XaveOHjTC
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2