urelas | 6c0bf34ab9fea5131166877282eff6933f3d798928ba76ab0f85e17c486c18df | Triage

Sharing

General

Target

6c0bf34ab9fea5131166877282eff6933f3d798928ba76ab0f85e17c486c18df_NeikiAnalytics.exe
Size

370KB
Sample

240624-npf82atcmj
MD5

1532e9fd97ee6339d8bcc668457959e0
SHA1

d97a7ca7e036930786f5bd7df43148cb1e4018c1
SHA256

6c0bf34ab9fea5131166877282eff6933f3d798928ba76ab0f85e17c486c18df
SHA512

9999dbac2b93d38c413dbe6e43fc9104d9b463ea33d6046615a2c80a81c1fb173b43ae7a72bb432c440adece2a5da41f62119e61dbf537d34910752fb01c65a7
SSDEEP

6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pii:CzGL2C2aZ2/F1WHHUaveOHjTei

Score

10^/10

urelas trojan

Malware Config

Targets

- Target
  
  6c0bf34ab9fea5131166877282eff6933f3d798928ba76ab0f85e17c486c18df_NeikiAnalytics.exe
- Size
  
  370KB
- MD5
  
  1532e9fd97ee6339d8bcc668457959e0
- SHA1
  
  d97a7ca7e036930786f5bd7df43148cb1e4018c1
- SHA256
  
  6c0bf34ab9fea5131166877282eff6933f3d798928ba76ab0f85e17c486c18df
- SHA512
  
  9999dbac2b93d38c413dbe6e43fc9104d9b463ea33d6046615a2c80a81c1fb173b43ae7a72bb432c440adece2a5da41f62119e61dbf537d34910752fb01c65a7
- SSDEEP
  
  6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pii:CzGL2C2aZ2/F1WHHUaveOHjTei
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2