urelas | d01bb376b70bd2c3ca8470071fe67c120b54fd92d995aa7f0baf3a07d987aa83 | Triage

Submit
Reports

Overview

overview

Static

static

3

LisectAVT_...15.exe

windows7-x64

LisectAVT_...15.exe

windows10-2004-x64

Sharing

General

Target

LisectAVT_2403002B_415.exe
Size

467KB
Sample

240725-br2arszarp
MD5

07a64c8b246d9f3c87752aa3530495a5
SHA1

2d6fa4c750cc4a3dcf6cb4a8723fccdfba3f81a1
SHA256

d01bb376b70bd2c3ca8470071fe67c120b54fd92d995aa7f0baf3a07d987aa83
SHA512

25fd77cc0fe0c2204c01fb3009d261270cb668db9777d5675ac297029f98bc8b35d10fd2ed8e834842e16f88f14dca118ebf213bac6dca68c7fc9ae6de79051b
SSDEEP

12288:olJ+TFukCI+P9CcrmwEuBwUqA5qFbAGTALHaspC:00U9CcrmwEPA5qFxT7CC

Score

10^/10

urelas aspackv2 discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

LisectAVT_2403002B_415.exe

Resource

win7-20240704-en

urelas aspackv2 discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

LisectAVT_2403002B_415.exe

Resource

win10v2004-20240709-en

urelas aspackv2 discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  LisectAVT_2403002B_415.exe
- Size
  
  467KB
- MD5
  
  07a64c8b246d9f3c87752aa3530495a5
- SHA1
  
  2d6fa4c750cc4a3dcf6cb4a8723fccdfba3f81a1
- SHA256
  
  d01bb376b70bd2c3ca8470071fe67c120b54fd92d995aa7f0baf3a07d987aa83
- SHA512
  
  25fd77cc0fe0c2204c01fb3009d261270cb668db9777d5675ac297029f98bc8b35d10fd2ed8e834842e16f88f14dca118ebf213bac6dca68c7fc9ae6de79051b
- SSDEEP
  
  12288:olJ+TFukCI+P9CcrmwEuBwUqA5qFbAGTALHaspC:00U9CcrmwEPA5qFxT7CC
Score

10^/10

urelas aspackv2 discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasaspackv2discoverytrojan

behavioral2

urelasaspackv2discoverytrojan

© 2018-2024

Terms | Privacy