General

  • Target

    64e60576798707f89bc28e56b8875e0e658b65b4484fc57b6116bf78675aefa4

  • Size

    75KB

  • Sample

    241025-xrj75s1let

  • MD5

    3c42f9df4439a980bf0b2d93de12bbfe

  • SHA1

    4854969d2323839a5b9a3686efa9437e21cb51b7

  • SHA256

    64e60576798707f89bc28e56b8875e0e658b65b4484fc57b6116bf78675aefa4

  • SHA512

    9420141a7a2c22d7e45772c06ea70607ba3b7b22adb4dd529b9f8c7994ee6454ba89e6f8c728162b44027c9ca3f531be950d6e6367e17b11a568462abdae87ca

  • SSDEEP

    1536:9HxkDvWdB7O9dKymMyCMGni2Lz1LaRQLDE/:9RkjWjK9ABpGzlaRQLU

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15