urelas | 97ab784f69e8ec7639d6769ccf802578e02530e3bcac5ede8ca739b1efe9675b | Triage

Sharing

General

Target

97ab784f69e8ec7639d6769ccf802578e02530e3bcac5ede8ca739b1efe9675b
Size

69KB
Sample

240702-a89g2atfpr
MD5

5eec26e44af74ee197c86c818695481f
SHA1

53f2cd46774b850c69551851e096e20b089efafb
SHA256

97ab784f69e8ec7639d6769ccf802578e02530e3bcac5ede8ca739b1efe9675b
SHA512

279ca61e3e2faa70b3730c8bcc2f394acc19fa1520ff316fbed54ac6999d7d50b433759e487709ca327168d26fbbcea6f2af3079d23b953362fdde571e225abb
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCaraw1:yLAYUzmdD0sMQl7d7IuhCaew

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  97ab784f69e8ec7639d6769ccf802578e02530e3bcac5ede8ca739b1efe9675b
- Size
  
  69KB
- MD5
  
  5eec26e44af74ee197c86c818695481f
- SHA1
  
  53f2cd46774b850c69551851e096e20b089efafb
- SHA256
  
  97ab784f69e8ec7639d6769ccf802578e02530e3bcac5ede8ca739b1efe9675b
- SHA512
  
  279ca61e3e2faa70b3730c8bcc2f394acc19fa1520ff316fbed54ac6999d7d50b433759e487709ca327168d26fbbcea6f2af3079d23b953362fdde571e225abb
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCaraw1:yLAYUzmdD0sMQl7d7IuhCaew
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2