urelas | a2ad3e2dcaffe6608e2c356613ad2bf5faad7a39199cb11488e3e010624f261f | Triage

Sharing

General

Target

289dfb300934e22822bcd242209ef710_JaffaCakes118
Size

59KB
Sample

240706-sl8w4asbrq
MD5

289dfb300934e22822bcd242209ef710
SHA1

ea777695d18b64596742b35b4c09fe7d606e36a2
SHA256

a2ad3e2dcaffe6608e2c356613ad2bf5faad7a39199cb11488e3e010624f261f
SHA512

b2db5495b12de305dc3240626c483046a2db62d503fad78e2d4456719c4a141ec41c02ff12e23e4abfa46999a93fa4a76e761cc883aa70af26df8ac3e8baeb12
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPm:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdR

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  289dfb300934e22822bcd242209ef710_JaffaCakes118
- Size
  
  59KB
- MD5
  
  289dfb300934e22822bcd242209ef710
- SHA1
  
  ea777695d18b64596742b35b4c09fe7d606e36a2
- SHA256
  
  a2ad3e2dcaffe6608e2c356613ad2bf5faad7a39199cb11488e3e010624f261f
- SHA512
  
  b2db5495b12de305dc3240626c483046a2db62d503fad78e2d4456719c4a141ec41c02ff12e23e4abfa46999a93fa4a76e761cc883aa70af26df8ac3e8baeb12
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPm:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdR
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2