urelas | 8e8fd100abf60b66cc45b97db2fa438c63b06fc6e7b233e9655605441b897cfc | Triage

Sharing

General

Target

8e8fd100abf60b66cc45b97db2fa438c63b06fc6e7b233e9655605441b897cfc
Size

359KB
Sample

240620-asvc6syerh
MD5

dfb3779c551d4ee4e50a4621b6145411
SHA1

6a0cb76aa520332950e67d3f9a99ee425f50626a
SHA256

8e8fd100abf60b66cc45b97db2fa438c63b06fc6e7b233e9655605441b897cfc
SHA512

5940eb5edab888cbee06ef9d34c03f651f62824ac7915f005037e4df47f84da07703be8b88ae9eb8a3ae5cb5a343f871d4fb5a144e077ae5a679a033976bc717
SSDEEP

6144:c1bYec5C8AAYLxhEmPG7qwmioqVsCqbN0hx:MUyI6QmPPPqVspa

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

- Target
  
  8e8fd100abf60b66cc45b97db2fa438c63b06fc6e7b233e9655605441b897cfc
- Size
  
  359KB
- MD5
  
  dfb3779c551d4ee4e50a4621b6145411
- SHA1
  
  6a0cb76aa520332950e67d3f9a99ee425f50626a
- SHA256
  
  8e8fd100abf60b66cc45b97db2fa438c63b06fc6e7b233e9655605441b897cfc
- SHA512
  
  5940eb5edab888cbee06ef9d34c03f651f62824ac7915f005037e4df47f84da07703be8b88ae9eb8a3ae5cb5a343f871d4fb5a144e077ae5a679a033976bc717
- SSDEEP
  
  6144:c1bYec5C8AAYLxhEmPG7qwmioqVsCqbN0hx:MUyI6QmPPPqVspa
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2