General

  • Target: b6eb471e093560c6e3ff3e9a193e7288cd6c6b7a220d962e5c970d6a0237be04
  • Size: 467KB
  • Sample: 240524-cq3b4shh48
  • MD5: b2e90b5eeaa005af1cd9b5676266158e
  • SHA1: 5647c09b8578735be38e82c78ba782b0044735de
  • SHA256: b6eb471e093560c6e3ff3e9a193e7288cd6c6b7a220d962e5c970d6a0237be04
  • SHA512: ae4bc399bac36e47dcc6c1a27749bcb5feb752a327afbb5e60424a27ca3c66452587ea3968b713f42218adb7723546f1585848e59584b59bd1ea330c56e65b4f
  • SSDEEP: 12288:Y6twjLHj/8/GcHUIdPPzEmvTnabAh0ZnAr1UM:Y6tQCG0UUPzEkTn4AC1+X

Score: 10/10

Malware Config

Extracted

Family: urelas

C2

  • 1.234.83.146
  • 133.242.129.155
  • 218.54.31.226
  • 218.54.30.235

Targets

    • Urelas
      Urelas is a trojan targeting card games.

    • UPX dump on OEP (original entry point)

    • Checks computer location settings
      Looks up the country code configured in the registry, likely a geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file
      Detects executables packed with UPX or a modified UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks