urelas | 53dfaf40d6aa07950b680d4b61975f90a9fc74feb4ee5007d07995a70262f99f | Triage

Sharing

General

Target

53dfaf40d6aa07950b680d4b61975f90a9fc74feb4ee5007d07995a70262f99fN
Size

50KB
Sample

241021-ejwl4aygqn
MD5

26ab3dc9413d2223a505083f7403ed80
SHA1

0295975c24f422a0ff057a8c3e2c1d0eae180ff9
SHA256

53dfaf40d6aa07950b680d4b61975f90a9fc74feb4ee5007d07995a70262f99f
SHA512

3e5fe649ff3f18c68fd615aba2b4bf6ead1645b36160c65ff170cfebe0570358da612e35fb4b19e116b1cd18c5111038a704ed11631573c0f05e398eba99e499
SSDEEP

1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhN:KsdXfBo/DBJBGzkP5N

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.28.139

Targets

- Target
  
  53dfaf40d6aa07950b680d4b61975f90a9fc74feb4ee5007d07995a70262f99fN
- Size
  
  50KB
- MD5
  
  26ab3dc9413d2223a505083f7403ed80
- SHA1
  
  0295975c24f422a0ff057a8c3e2c1d0eae180ff9
- SHA256
  
  53dfaf40d6aa07950b680d4b61975f90a9fc74feb4ee5007d07995a70262f99f
- SHA512
  
  3e5fe649ff3f18c68fd615aba2b4bf6ead1645b36160c65ff170cfebe0570358da612e35fb4b19e116b1cd18c5111038a704ed11631573c0f05e398eba99e499
- SSDEEP
  
  1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhN:KsdXfBo/DBJBGzkP5N
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan