urelas | 3c4f7f5a6596bc789017f50ee0422e12c0bc08a211377929420b42e586f1ec90 | Triage

Sharing

General

Target

3c4f7f5a6596bc789017f50ee0422e12c0bc08a211377929420b42e586f1ec90_NeikiAnalytics.exe
Size

55KB
Sample

240702-gfe62sydrg
MD5

a585eab913c2d30588ced7befc223f10
SHA1

a531a8cea3a625d5fbdad4d7181417cb2cd15737
SHA256

3c4f7f5a6596bc789017f50ee0422e12c0bc08a211377929420b42e586f1ec90
SHA512

12eea91eeb219a9e061b5907ac9979cab90fc860eacb3aeef5fba8665efbf2d820b7593f871a193b7f393a82c1a773c8875a1f8213be86ac4de725e2c1768f9d
SSDEEP

1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHq:vMhAe5Zs091KI+JYixw49XjrX

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  3c4f7f5a6596bc789017f50ee0422e12c0bc08a211377929420b42e586f1ec90_NeikiAnalytics.exe
- Size
  
  55KB
- MD5
  
  a585eab913c2d30588ced7befc223f10
- SHA1
  
  a531a8cea3a625d5fbdad4d7181417cb2cd15737
- SHA256
  
  3c4f7f5a6596bc789017f50ee0422e12c0bc08a211377929420b42e586f1ec90
- SHA512
  
  12eea91eeb219a9e061b5907ac9979cab90fc860eacb3aeef5fba8665efbf2d820b7593f871a193b7f393a82c1a773c8875a1f8213be86ac4de725e2c1768f9d
- SSDEEP
  
  1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgHq:vMhAe5Zs091KI+JYixw49XjrX
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2