urelas | ec07ff3c01ca725389072c1d765f219513ad0f7fa85fd7beb0c2810ed0eee083 | Triage

Sharing

General

Target

85b9ad6a9b9bd6f1561ca0a286022b30_NeikiAnalytics
Size

209KB
Sample

240511-fwv2rshh53
MD5

85b9ad6a9b9bd6f1561ca0a286022b30
SHA1

cbc836629721a507d63e0c38128a4a3ccf788cca
SHA256

ec07ff3c01ca725389072c1d765f219513ad0f7fa85fd7beb0c2810ed0eee083
SHA512

7a8d467fb39facf37f53d65907424e5c660e214b46053c706df8074a90127932018f59b85b5975dcfb8e1b7437fbc6cf710587708f2c5f41fa5bb10600a428f5
SSDEEP

1536:1q1utPdWHdPEzoT2/VhWbnoZSKLfiGGPgq3ePAH8PNqWxCxrR/x9sqB:1fPdWqV0CvL6GGCPNqWUxrR/x9sqB

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

- Target
  
  85b9ad6a9b9bd6f1561ca0a286022b30_NeikiAnalytics
- Size
  
  209KB
- MD5
  
  85b9ad6a9b9bd6f1561ca0a286022b30
- SHA1
  
  cbc836629721a507d63e0c38128a4a3ccf788cca
- SHA256
  
  ec07ff3c01ca725389072c1d765f219513ad0f7fa85fd7beb0c2810ed0eee083
- SHA512
  
  7a8d467fb39facf37f53d65907424e5c660e214b46053c706df8074a90127932018f59b85b5975dcfb8e1b7437fbc6cf710587708f2c5f41fa5bb10600a428f5
- SSDEEP
  
  1536:1q1utPdWHdPEzoT2/VhWbnoZSKLfiGGPgq3ePAH8PNqWxCxrR/x9sqB:1fPdWqV0CvL6GGCPNqWUxrR/x9sqB
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2