urelas | 7990d0f4d31f9b38d6f900f38ba04b8cb6fa89fb70e3da18e135f17e4ad684a5 | Triage

Sharing

General

Target

7990d0f4d31f9b38d6f900f38ba04b8cb6fa89fb70e3da18e135f17e4ad684a5
Size

70KB
Sample

240808-2v9pes1hnk
MD5

f11948d9d4bd40eeef2080f52e0d823a
SHA1

3178e96f3e2bfef9061abfa91f6f8d98363f1ade
SHA256

7990d0f4d31f9b38d6f900f38ba04b8cb6fa89fb70e3da18e135f17e4ad684a5
SHA512

fa09cd8d57f09f1482cb1c92e4e66b0deef46fe499a58aa624c09a7242f82d3e15679830d73d8fe9199fce139690f5f50809f17781f98a94e063a1ced1391120
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawa:yLAYUzmdD0sMQl7d7IuhCae/

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  7990d0f4d31f9b38d6f900f38ba04b8cb6fa89fb70e3da18e135f17e4ad684a5
- Size
  
  70KB
- MD5
  
  f11948d9d4bd40eeef2080f52e0d823a
- SHA1
  
  3178e96f3e2bfef9061abfa91f6f8d98363f1ade
- SHA256
  
  7990d0f4d31f9b38d6f900f38ba04b8cb6fa89fb70e3da18e135f17e4ad684a5
- SHA512
  
  fa09cd8d57f09f1482cb1c92e4e66b0deef46fe499a58aa624c09a7242f82d3e15679830d73d8fe9199fce139690f5f50809f17781f98a94e063a1ced1391120
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarawa:yLAYUzmdD0sMQl7d7IuhCae/
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan