urelas | 281bebebebb58c2b7427630794e7fc89e55e20befe5c161cd13d08e938c02c8a | Triage

Submit
Reports

Overview

overview

Static

static

12fa601e1a...18.exe

windows7-x64

12fa601e1a...18.exe

windows10-2004-x64

Sharing

General

Target

12fa601e1afdc16b2a2b187fbdd123fd_JaffaCakes118
Size

535KB
Sample

240626-w43pkswhrg
MD5

12fa601e1afdc16b2a2b187fbdd123fd
SHA1

4d0dc330c85aa3a5a9f0d25ef603bf371a010cb3
SHA256

281bebebebb58c2b7427630794e7fc89e55e20befe5c161cd13d08e938c02c8a
SHA512

bbac40f7309db38bea9e883e4c2e7d7c8da719eea158e42ec952e8015ca26fa8feb30602cfcca4c14aef7617d5fabb74b7f69f8141eb53f00096f49407d781a9
SSDEEP

12288:cdBNKTCqqwXCcdgTw9+MvA+BisqYpxHte1oS2Q:cLjQC+bs0YOQ

Score

10^/10

urelas trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

12fa601e1afdc16b2a2b187fbdd123fd_JaffaCakes118.exe

Resource

win7-20240611-en

urelas trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

12fa601e1afdc16b2a2b187fbdd123fd_JaffaCakes118.exe

Resource

win10v2004-20240508-en

urelas trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  12fa601e1afdc16b2a2b187fbdd123fd_JaffaCakes118
- Size
  
  535KB
- MD5
  
  12fa601e1afdc16b2a2b187fbdd123fd
- SHA1
  
  4d0dc330c85aa3a5a9f0d25ef603bf371a010cb3
- SHA256
  
  281bebebebb58c2b7427630794e7fc89e55e20befe5c161cd13d08e938c02c8a
- SHA512
  
  bbac40f7309db38bea9e883e4c2e7d7c8da719eea158e42ec952e8015ca26fa8feb30602cfcca4c14aef7617d5fabb74b7f69f8141eb53f00096f49407d781a9
- SSDEEP
  
  12288:cdBNKTCqqwXCcdgTw9+MvA+BisqYpxHte1oS2Q:cLjQC+bs0YOQ
Score

10^/10

urelas trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

urelastrojanupx

behavioral2

urelastrojanupx

© 2018-2024

Terms | Privacy