urelas | 5a032ae9b8bff08a1f03ed34c5485a4bc288204461b282b86c5babc7d10ea56a | Triage

Sharing

General

Target

5a032ae9b8bff08a1f03ed34c5485a4bc288204461b282b86c5babc7d10ea56a
Size

73KB
Sample

240621-1p9a2asdjd
MD5

63ca74b30001f2d7debbb7a1fc8fe491
SHA1

1fcac20f88719f1a912f9af40b6a9e4919f90f15
SHA256

5a032ae9b8bff08a1f03ed34c5485a4bc288204461b282b86c5babc7d10ea56a
SHA512

a2baa7c846b1000c4073b818fc478e98dcb534a7242a19eeee22e87dd493b2bbffbb19ea21cef5046989a071e7b0eb6e876b4e93e9e6c134f815224829568c20
SSDEEP

1536:JgajdM0t2hl9ET9xBOz3BODtysTHFQJmGh/ty:X32h7yxBGmtHQUGhFy

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

121.88.5.184

218.54.28.139

Targets

- Target
  
  5a032ae9b8bff08a1f03ed34c5485a4bc288204461b282b86c5babc7d10ea56a
- Size
  
  73KB
- MD5
  
  63ca74b30001f2d7debbb7a1fc8fe491
- SHA1
  
  1fcac20f88719f1a912f9af40b6a9e4919f90f15
- SHA256
  
  5a032ae9b8bff08a1f03ed34c5485a4bc288204461b282b86c5babc7d10ea56a
- SHA512
  
  a2baa7c846b1000c4073b818fc478e98dcb534a7242a19eeee22e87dd493b2bbffbb19ea21cef5046989a071e7b0eb6e876b4e93e9e6c134f815224829568c20
- SSDEEP
  
  1536:JgajdM0t2hl9ET9xBOz3BODtysTHFQJmGh/ty:X32h7yxBGmtHQUGhFy
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2