urelas | 7b366eaa79a016d841c81103b445ee38f588ae52e6acd02dcffdf475445583e1 | Triage

Sharing

General

Target

255615d7f6aff559589d0e167d18dcd0N.exe
Size

52KB
Sample

240717-24ekmsterq
MD5

255615d7f6aff559589d0e167d18dcd0
SHA1

3e78e128d2345544c450167ec27f72ec641335d5
SHA256

7b366eaa79a016d841c81103b445ee38f588ae52e6acd02dcffdf475445583e1
SHA512

d6ae94b639fe44a6b88dbc1c211460495fbfb3d7c4c34e5fd120c58b07bcb8bd5b6aa691a47f3f74f48a0304784c421ec237cad00212e1f817b740a08749561c
SSDEEP

1536:TlnBzGPEdPJpUI4QP4BDK3XmbPfKJ97ife:JnBGPUMQwBDamb3a7i2

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  255615d7f6aff559589d0e167d18dcd0N.exe
- Size
  
  52KB
- MD5
  
  255615d7f6aff559589d0e167d18dcd0
- SHA1
  
  3e78e128d2345544c450167ec27f72ec641335d5
- SHA256
  
  7b366eaa79a016d841c81103b445ee38f588ae52e6acd02dcffdf475445583e1
- SHA512
  
  d6ae94b639fe44a6b88dbc1c211460495fbfb3d7c4c34e5fd120c58b07bcb8bd5b6aa691a47f3f74f48a0304784c421ec237cad00212e1f817b740a08749561c
- SSDEEP
  
  1536:TlnBzGPEdPJpUI4QP4BDK3XmbPfKJ97ife:JnBGPUMQwBDamb3a7i2
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2