urelas | ad7810229804b52b5bf98d224dedbf023676f0a735be73bee594ab2e70678ebe | Triage

Sharing

General

Target

ad7810229804b52b5bf98d224dedbf023676f0a735be73bee594ab2e70678ebeN
Size

49KB
Sample

241028-2z6hkazbnk
MD5

921fea5bc4bd640c8328ef8d9aee3660
SHA1

1e52d474c465ff4080f4a8d0de5b2a701ff102ac
SHA256

ad7810229804b52b5bf98d224dedbf023676f0a735be73bee594ab2e70678ebe
SHA512

400598c22a695389ba6c94107dcfbf396dd84d8d8ca361b3cc3959343fd0edc1680060c8f1ff95e485a755e29871dabce762526c47649ff3f43d0bccaf12566e
SSDEEP

1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnq:It7R8fU6n8q

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  ad7810229804b52b5bf98d224dedbf023676f0a735be73bee594ab2e70678ebeN
- Size
  
  49KB
- MD5
  
  921fea5bc4bd640c8328ef8d9aee3660
- SHA1
  
  1e52d474c465ff4080f4a8d0de5b2a701ff102ac
- SHA256
  
  ad7810229804b52b5bf98d224dedbf023676f0a735be73bee594ab2e70678ebe
- SHA512
  
  400598c22a695389ba6c94107dcfbf396dd84d8d8ca361b3cc3959343fd0edc1680060c8f1ff95e485a755e29871dabce762526c47649ff3f43d0bccaf12566e
- SSDEEP
  
  1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnq:It7R8fU6n8q
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan