urelas | cfe7edf0b19874c5786156bec7c642b944ab2ee5ebbb2b7201b566e47ae43c59 | Triage

Sharing

General

Target

0a4326e5a55dc80145a1d1257213eed0N.exe
Size

69KB
Sample

240720-y4qfcswgjf
MD5

0a4326e5a55dc80145a1d1257213eed0
SHA1

8ab73638f976782c7525fc217b80293d7c558566
SHA256

cfe7edf0b19874c5786156bec7c642b944ab2ee5ebbb2b7201b566e47ae43c59
SHA512

8ba0bffca3d7e34b9ea475afd8bf2aeaec3aef4e7cfe4a0e8ba639a0d2d2bb7929ad42122104b6d53222e6a076d7f9b154906576e32ebb9be1e7ab15245b3e4b
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawh:yLAYUzmdD0sMQl7d7IuhCae4

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  0a4326e5a55dc80145a1d1257213eed0N.exe
- Size
  
  69KB
- MD5
  
  0a4326e5a55dc80145a1d1257213eed0
- SHA1
  
  8ab73638f976782c7525fc217b80293d7c558566
- SHA256
  
  cfe7edf0b19874c5786156bec7c642b944ab2ee5ebbb2b7201b566e47ae43c59
- SHA512
  
  8ba0bffca3d7e34b9ea475afd8bf2aeaec3aef4e7cfe4a0e8ba639a0d2d2bb7929ad42122104b6d53222e6a076d7f9b154906576e32ebb9be1e7ab15245b3e4b
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawh:yLAYUzmdD0sMQl7d7IuhCae4
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2