urelas | 93a1bc1e290112317455dd24863abfd338fee97ca3484f785618696270b403dd | Triage

Sharing

General

Target

93a1bc1e290112317455dd24863abfd338fee97ca3484f785618696270b403dd_NeikiAnalytics.exe
Size

55KB
Sample

240628-mps26axfkl
MD5

c58ac50b0d8ca56241e4a1a60ea401d0
SHA1

bacdbe9deb6d4f94ab92d6f4d3ad235bf6eb5b39
SHA256

93a1bc1e290112317455dd24863abfd338fee97ca3484f785618696270b403dd
SHA512

b983ea31efb609a5a27bf2288ff78773012e133f513d4fafdc54bb9983b0c16b0511c5de992fc0999dd0a0b80da5cc1c72f8add472958a4f3077a28dc277e632
SSDEEP

1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHh:vMhAe5Zs091KI+JYixw49XjrO

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  93a1bc1e290112317455dd24863abfd338fee97ca3484f785618696270b403dd_NeikiAnalytics.exe
- Size
  
  55KB
- MD5
  
  c58ac50b0d8ca56241e4a1a60ea401d0
- SHA1
  
  bacdbe9deb6d4f94ab92d6f4d3ad235bf6eb5b39
- SHA256
  
  93a1bc1e290112317455dd24863abfd338fee97ca3484f785618696270b403dd
- SHA512
  
  b983ea31efb609a5a27bf2288ff78773012e133f513d4fafdc54bb9983b0c16b0511c5de992fc0999dd0a0b80da5cc1c72f8add472958a4f3077a28dc277e632
- SSDEEP
  
  1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHh:vMhAe5Zs091KI+JYixw49XjrO
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2