urelas | 46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

46b06d0169...4N.exe

windows7-x64

46b06d0169...4N.exe

windows10-2004-x64

7

Sharing

General

Target

46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554N
Size

371KB
Sample

241004-ayyyjsvenj
MD5

daba502d270d8c7970e6413e70ad64f0
SHA1

64c12ff1354120dff0c71955d7639167941cd06a
SHA256

46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554
SHA512

a33791bb0d18cda7b3591b5f2088ed2f7f1c6f72d28cbf7ac34a49d60b4363f8f5866297c0a30616f74c6ccb256f98d88a97f4178d7a2387d8a3ccaecd94f2cf
SSDEEP

6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pl1:CzGL2C2aZ2/F1WHHUaveOHjT/

Score

10^/10

urelas discovery trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554N.exe

Resource

win7-20240903-en

urelas discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554N.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554N
- Size
  
  371KB
- MD5
  
  daba502d270d8c7970e6413e70ad64f0
- SHA1
  
  64c12ff1354120dff0c71955d7639167941cd06a
- SHA256
  
  46b06d0169d9e4331fac4aa4bcc0af6b359f7c7cb287bf26af4744705eca7554
- SHA512
  
  a33791bb0d18cda7b3591b5f2088ed2f7f1c6f72d28cbf7ac34a49d60b4363f8f5866297c0a30616f74c6ccb256f98d88a97f4178d7a2387d8a3ccaecd94f2cf
- SSDEEP
  
  6144:CuJkl8DV12C28tLN2/FkCOfHVm0fMaHftvCGCBhDOHjTPmXHk62pl1:CzGL2C2aZ2/F1WHHUaveOHjT/
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

© 2018-2025

Terms | Privacy