urelas | ecc9c891bbb12e2b6b74e3a3c7c52e84e5813bff8e9dcd2c28e33b58a0218c2a | Triage

Sharing

General

Target

72bcd32fe8e2701bc5415b24c9084390_NeikiAnalytics.exe
Size

285KB
Sample

240602-11mw6sgf8s
MD5

72bcd32fe8e2701bc5415b24c9084390
SHA1

49672200dc718711d0893def1481c41f696b5ff5
SHA256

ecc9c891bbb12e2b6b74e3a3c7c52e84e5813bff8e9dcd2c28e33b58a0218c2a
SHA512

5905218e46f5481520ef77d957315c48c521046beb725bf360063fdb8af9f5f9dbac0761c1f5bbded23d633211a4fc3f19abd26f00c61bcf90f4595af3d8cc94
SSDEEP

6144:2ZibQcmlVD+BgotLvTtehd1wLIE92FJ1wZycpaiTyn:20q+BgotLvTtehd1wd92FJ1yA

Score

10^/10

urelas trojan

Malware Config

Targets

- Target
  
  72bcd32fe8e2701bc5415b24c9084390_NeikiAnalytics.exe
- Size
  
  285KB
- MD5
  
  72bcd32fe8e2701bc5415b24c9084390
- SHA1
  
  49672200dc718711d0893def1481c41f696b5ff5
- SHA256
  
  ecc9c891bbb12e2b6b74e3a3c7c52e84e5813bff8e9dcd2c28e33b58a0218c2a
- SHA512
  
  5905218e46f5481520ef77d957315c48c521046beb725bf360063fdb8af9f5f9dbac0761c1f5bbded23d633211a4fc3f19abd26f00c61bcf90f4595af3d8cc94
- SSDEEP
  
  6144:2ZibQcmlVD+BgotLvTtehd1wLIE92FJ1wZycpaiTyn:20q+BgotLvTtehd1wd92FJ1yA
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2