urelas | b03d274f4c9801605a7f93404eb1b179f9ecbccbdab8154000771f60214be8dd | Triage

Sharing

General

Target

177607ddc66d6e4441f9807bce157500N.exe
Size

63KB
Sample

240721-1q82nayerq
MD5

177607ddc66d6e4441f9807bce157500
SHA1

f33aa209aeb4feba7c4abfa0ce27afe208378df1
SHA256

b03d274f4c9801605a7f93404eb1b179f9ecbccbdab8154000771f60214be8dd
SHA512

a2c5cd8a16507b7c789b13215f22f00f557a8ae8330a7ad3a2e0aaac24ed85c0cb3898b7d1e8ebedd69b49d662ed41a0b4a5bfb38b84ae76aa098466383e46bb
SSDEEP

1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTmUDcIn:6bQRSHpAvzyf7MzeThD1n

Score

10^/10

urelas trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  177607ddc66d6e4441f9807bce157500N.exe
- Size
  
  63KB
- MD5
  
  177607ddc66d6e4441f9807bce157500
- SHA1
  
  f33aa209aeb4feba7c4abfa0ce27afe208378df1
- SHA256
  
  b03d274f4c9801605a7f93404eb1b179f9ecbccbdab8154000771f60214be8dd
- SHA512
  
  a2c5cd8a16507b7c789b13215f22f00f557a8ae8330a7ad3a2e0aaac24ed85c0cb3898b7d1e8ebedd69b49d662ed41a0b4a5bfb38b84ae76aa098466383e46bb
- SSDEEP
  
  1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTmUDcIn:6bQRSHpAvzyf7MzeThD1n
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2