Extracted

• • Target

    4055cf6defa3c63ffd2dd2fd26b3cb9b224ed394b9186ea6ada4cf7325ef65f9

  • Size

    6.5MB

  • MD5

    617ce8380267c9eccda986f2c643a184

  • SHA1

    2908ed6602e78475f247ecb3b65df9bb5ca5506e

  • SHA256

    4055cf6defa3c63ffd2dd2fd26b3cb9b224ed394b9186ea6ada4cf7325ef65f9

  • SHA512

    360858a035eab73bb39085637340ad0b19ff5d3dd157b9f3aa02cb1735512f6e1c09ebe2c3ba625cd24e16a40aceafaadef72968e800aa570de6ef3d57e04e84

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSC:i0LrA2kHKQHNk3og9unipQyOaOC

  Score

  10^/10

  urelastrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • UPX dump on OEP (original entry point)

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2