urelas | bfdb4cfcece38ae85a23834ca2bfc18aa237cc1f6a242d9b3dd06fb1e8a86b09 | Triage

Sharing

General

Target

08ac25b3ad97d78e62884941570539f0N.exe
Size

69KB
Sample

240723-znjhjs1cne
MD5

08ac25b3ad97d78e62884941570539f0
SHA1

9cd65e259018da7bc2ecc96be3133800a453e368
SHA256

bfdb4cfcece38ae85a23834ca2bfc18aa237cc1f6a242d9b3dd06fb1e8a86b09
SHA512

debe2af527ce7ec73a6f6cd29b67f737632698f3b5ef630a66f320ce084ac8d27a0398766a1ce00a1a8c92642f10434ea7fe0c910627205069e53620b7cdf49c
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawW:yLAYUzmdD0sMQl7d7IuhCaeZ

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  08ac25b3ad97d78e62884941570539f0N.exe
- Size
  
  69KB
- MD5
  
  08ac25b3ad97d78e62884941570539f0
- SHA1
  
  9cd65e259018da7bc2ecc96be3133800a453e368
- SHA256
  
  bfdb4cfcece38ae85a23834ca2bfc18aa237cc1f6a242d9b3dd06fb1e8a86b09
- SHA512
  
  debe2af527ce7ec73a6f6cd29b67f737632698f3b5ef630a66f320ce084ac8d27a0398766a1ce00a1a8c92642f10434ea7fe0c910627205069e53620b7cdf49c
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawW:yLAYUzmdD0sMQl7d7IuhCaeZ
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan