Extracted

• • Target

    248008ff1889ab49c4875162701cb7d75a90579b370d09949b87be0b0ab21809N

  • Size

    80KB

  • MD5

    d496549c9fce8b3888e67a43c716f8e0

  • SHA1

    406509165e4562a8868758cd09fe19908642e7bf

  • SHA256

    248008ff1889ab49c4875162701cb7d75a90579b370d09949b87be0b0ab21809

  • SHA512

    7fc492cdf23764bbb08e78e9c2c4f7d99ff3076192e1ac7d3ceb41f0a409016715022536c38e09b5e4b3594343954327c81051f3b61f1a8555b7521166d14d5a

  • SSDEEP

    1536:9HxkDvWdB7O9dKymMyCMGni2Lz1LaRQLDEa9:9RkjWjK9ABpGzlaRQL59

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2