urelas | 089da7a86c5daf69e63559040687a8a5b2a6b7881820f90db80224ea5a685040 | Triage

Sharing

General

Target

089da7a86c5daf69e63559040687a8a5b2a6b7881820f90db80224ea5a685040N
Size

154KB
Sample

241026-dgjn3swmbl
MD5

eddb417befd01fa0e5219bca10c92a90
SHA1

67a0c0d1572a40d62a2c1ba36c4c5029a71acff1
SHA256

089da7a86c5daf69e63559040687a8a5b2a6b7881820f90db80224ea5a685040
SHA512

ca2a0ce00c7f5d869f550d2a683f4a6585ec993f3eedac1c48511bba3dd47d988632b737c0b2bc03c07c891c72c6819f4b9e17f1aba231c70f1385e4f45e6664
SSDEEP

3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oey:Nt2vsx+AV4LfLOn

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  089da7a86c5daf69e63559040687a8a5b2a6b7881820f90db80224ea5a685040N
- Size
  
  154KB
- MD5
  
  eddb417befd01fa0e5219bca10c92a90
- SHA1
  
  67a0c0d1572a40d62a2c1ba36c4c5029a71acff1
- SHA256
  
  089da7a86c5daf69e63559040687a8a5b2a6b7881820f90db80224ea5a685040
- SHA512
  
  ca2a0ce00c7f5d869f550d2a683f4a6585ec993f3eedac1c48511bba3dd47d988632b737c0b2bc03c07c891c72c6819f4b9e17f1aba231c70f1385e4f45e6664
- SSDEEP
  
  3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oey:Nt2vsx+AV4LfLOn
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2