urelas | d447f64c4aa1dadc7784a9b09d73b5240c6f0acda63b626de1850a93362daeb2 | Triage

Sharing

General

Target

40f25f8a225b34817bef30699aac5470_NeikiAnalytics.exe
Size

421KB
Sample

240604-js811aab5x
MD5

40f25f8a225b34817bef30699aac5470
SHA1

89d601340a802e868839dbc2cfcd60f96566194c
SHA256

d447f64c4aa1dadc7784a9b09d73b5240c6f0acda63b626de1850a93362daeb2
SHA512

d708174bca5cdd52fc4dcad69ddcc4825849837f0d9c61f4e83aa00f4d9c8af0e3abe0ede14f20b519b8543fc821308dda093d9402fc51d7454526a377c7ae14
SSDEEP

6144:SclgVrkccVxjfYNftqZe9+Hc0RLG0aOBAf70GbjUwMD9n/lR7e+XpMSJ:BeVoDVxjQ1gXHcuLHBS/MD9tR71j

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

- Target
  
  40f25f8a225b34817bef30699aac5470_NeikiAnalytics.exe
- Size
  
  421KB
- MD5
  
  40f25f8a225b34817bef30699aac5470
- SHA1
  
  89d601340a802e868839dbc2cfcd60f96566194c
- SHA256
  
  d447f64c4aa1dadc7784a9b09d73b5240c6f0acda63b626de1850a93362daeb2
- SHA512
  
  d708174bca5cdd52fc4dcad69ddcc4825849837f0d9c61f4e83aa00f4d9c8af0e3abe0ede14f20b519b8543fc821308dda093d9402fc51d7454526a377c7ae14
- SSDEEP
  
  6144:SclgVrkccVxjfYNftqZe9+Hc0RLG0aOBAf70GbjUwMD9n/lR7e+XpMSJ:BeVoDVxjQ1gXHcuLHBS/MD9tR71j
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2