urelas | c6bbd277210057f12b0d9700407c1573251dc91e1c01ee438f21b5a8c529391c | Triage

Submit
Reports

Overview

overview

Static

static

3

9e7da50494...cs.exe

windows7-x64

9e7da50494...cs.exe

windows10-2004-x64

Sharing

General

Target

9e7da504948327887438dd940b242f90_NeikiAnalytics.exe
Size

6.5MB
Sample

240524-xtgvssga99
MD5

9e7da504948327887438dd940b242f90
SHA1

fc170a26f94589859fbf610b95a21b6ed50d390e
SHA256

c6bbd277210057f12b0d9700407c1573251dc91e1c01ee438f21b5a8c529391c
SHA512

211883a8009a2055ca3bf1042b2c97b2d88d465c853a107dfe4020f3486af3b74432a037fb25999f84351fae47afbac15b6233213904b72e34fa4f9b0489a862
SSDEEP

98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSU:i0LrA2kHKQHNk3og9unipQyOaOU

Score

10^/10

urelas trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9e7da504948327887438dd940b242f90_NeikiAnalytics.exe

Resource

win7-20240215-en

urelas trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9e7da504948327887438dd940b242f90_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

urelas trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  9e7da504948327887438dd940b242f90_NeikiAnalytics.exe
- Size
  
  6.5MB
- MD5
  
  9e7da504948327887438dd940b242f90
- SHA1
  
  fc170a26f94589859fbf610b95a21b6ed50d390e
- SHA256
  
  c6bbd277210057f12b0d9700407c1573251dc91e1c01ee438f21b5a8c529391c
- SHA512
  
  211883a8009a2055ca3bf1042b2c97b2d88d465c853a107dfe4020f3486af3b74432a037fb25999f84351fae47afbac15b6233213904b72e34fa4f9b0489a862
- SSDEEP
  
  98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSU:i0LrA2kHKQHNk3og9unipQyOaOU
Score

10^/10

urelas trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelastrojanupx

behavioral2

urelastrojanupx

© 2018-2024

Terms | Privacy