urelas | 699f26145d68019ba8737eafd721d6cffeada6cddebcaa94599bcce9cac9205d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72a7643adcbe44f5df8108d97d978380_NeikiAnalytics
Size

361KB
Sample

240510-fd62bafb59
MD5

72a7643adcbe44f5df8108d97d978380
SHA1

5974611d984cb5965d32cc1fea2f0190ffcadc92
SHA256

699f26145d68019ba8737eafd721d6cffeada6cddebcaa94599bcce9cac9205d
SHA512

36d232231db8808bba531e10ec0e46dab2de013c335b6aa3e95225d8db9c20eeb4264de947d62c203bd1f6de4a8b62cd41b31f5751fc6c75e0b6fa73809a196c
SSDEEP

6144:PuOogy7brXN3OMxBxWjKq28FvcIR2GQilr0caF9x8:PuOA7b56rP

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.209

112.175.88.207

Targets

- Target
  
  72a7643adcbe44f5df8108d97d978380_NeikiAnalytics
- Size
  
  361KB
- MD5
  
  72a7643adcbe44f5df8108d97d978380
- SHA1
  
  5974611d984cb5965d32cc1fea2f0190ffcadc92
- SHA256
  
  699f26145d68019ba8737eafd721d6cffeada6cddebcaa94599bcce9cac9205d
- SHA512
  
  36d232231db8808bba531e10ec0e46dab2de013c335b6aa3e95225d8db9c20eeb4264de947d62c203bd1f6de4a8b62cd41b31f5751fc6c75e0b6fa73809a196c
- SSDEEP
  
  6144:PuOogy7brXN3OMxBxWjKq28FvcIR2GQilr0caF9x8:PuOA7b56rP
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2