urelas | 99b0e6c557256717472ab8b99a91e7f819c1f4cc77f165566985c694a86dd1d2 | Triage

Sharing

General

Target

aeab4161e9560703eacffcf0b2eb4ff0_NeikiAnalytics.exe
Size

329KB
Sample

240619-kygpdasbkm
MD5

aeab4161e9560703eacffcf0b2eb4ff0
SHA1

ee1b406cbd6669467c3a999bae34e7a262ec6b27
SHA256

99b0e6c557256717472ab8b99a91e7f819c1f4cc77f165566985c694a86dd1d2
SHA512

2dd53a07f71dc97c9bb4dd8c701be0648ed66e067d35ddbd0f073504b8171bd4277e8ab4a761654840d6d002e8fad8614c89c12a46a8b40118ba864cce84a897
SSDEEP

6144:sY4zSop9m06QbGTCnTRoOIH3FPA7AthtLpSRFe:PkXpd6jqiOIHZAj3e

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  aeab4161e9560703eacffcf0b2eb4ff0_NeikiAnalytics.exe
- Size
  
  329KB
- MD5
  
  aeab4161e9560703eacffcf0b2eb4ff0
- SHA1
  
  ee1b406cbd6669467c3a999bae34e7a262ec6b27
- SHA256
  
  99b0e6c557256717472ab8b99a91e7f819c1f4cc77f165566985c694a86dd1d2
- SHA512
  
  2dd53a07f71dc97c9bb4dd8c701be0648ed66e067d35ddbd0f073504b8171bd4277e8ab4a761654840d6d002e8fad8614c89c12a46a8b40118ba864cce84a897
- SSDEEP
  
  6144:sY4zSop9m06QbGTCnTRoOIH3FPA7AthtLpSRFe:PkXpd6jqiOIHZAj3e
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2