urelas | 052b0085bf1f5554a96b15fff17e56ce47187c8392b1c74ef653536c4f7cccc0 | Triage

Sharing

General

Target

052b0085bf1f5554a96b15fff17e56ce47187c8392b1c74ef653536c4f7cccc0
Size

94KB
Sample

240709-wy6t2sxgpj
MD5

268c77328410842c8f27c185cf8d3457
SHA1

0091b0533ce4ac188124afd536c7ef5e8f87037f
SHA256

052b0085bf1f5554a96b15fff17e56ce47187c8392b1c74ef653536c4f7cccc0
SHA512

03905e0668021d51a2fdea5501a74853cf1161057e41050b9000b8ce3dd856f9d4a36226eb78e6bd859b174d74d487d7e8fe35c22b168a0f4e15791727aeea23
SSDEEP

1536:VZYFIYC4qWCbHh5HeEHAOCKhlBvm1J4WMF4Zb:VZzK1CDeSCUeE4Zb

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

- Target
  
  052b0085bf1f5554a96b15fff17e56ce47187c8392b1c74ef653536c4f7cccc0
- Size
  
  94KB
- MD5
  
  268c77328410842c8f27c185cf8d3457
- SHA1
  
  0091b0533ce4ac188124afd536c7ef5e8f87037f
- SHA256
  
  052b0085bf1f5554a96b15fff17e56ce47187c8392b1c74ef653536c4f7cccc0
- SHA512
  
  03905e0668021d51a2fdea5501a74853cf1161057e41050b9000b8ce3dd856f9d4a36226eb78e6bd859b174d74d487d7e8fe35c22b168a0f4e15791727aeea23
- SSDEEP
  
  1536:VZYFIYC4qWCbHh5HeEHAOCKhlBvm1J4WMF4Zb:VZzK1CDeSCUeE4Zb
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2