Extracted

• • Target

    efd05ac1837f8f0b6d4365219370bdc9_JaffaCakes118

  • Size

    467KB

  • MD5

    efd05ac1837f8f0b6d4365219370bdc9

  • SHA1

    41e4059448115cf7ad20f49e9e4f5f5d1ac74ba4

  • SHA256

    ba79c9e3574847fb97d2bb64118de7327219c215b538f150e13f838c6c77cc98

  • SHA512

    7ab2bb50cfc95e9b2de695fc60e2fe3ad635219ba6d7cbff7f80a01949774bc05707ac76c68cc6214f06f7ef3399c34d4ce686a0be3eb11e916eb2fc6aeca658

  • SSDEEP

    12288:Y6twjLHj/8/GcHUIdPPzEmvTnabAh0ZnAr1Uc:Y6tQCG0UUPzEkTn4AC1+n

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2