Extracted

• • Target

    af5445831e1daa125e35a5f94ebb6876130fa0d347483d93aa9ca0592d564289

  • Size

    6.5MB

  • MD5

    b8f48f81154e07c64dbe8880bc698df0

  • SHA1

    c57afa057e3eb8523e4f1afe260358a31e73a7e2

  • SHA256

    af5445831e1daa125e35a5f94ebb6876130fa0d347483d93aa9ca0592d564289

  • SHA512

    dbc1b7468063683bc173dec7fa0efa3c33d9a6e78fadd391804cadcf4d2473c0b65043cd83c9ed05d6104ac8fe43a333c3beb02b01aee44156832bfdf4f55e80

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSK:i0LrA2kHKQHNk3og9unipQyOaOK

  Score

  10^/10

  urelastrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • UPX dump on OEP (original entry point)

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2