General

  • Target

    957041f222e9267bb1f7fdbb4aed006e0dc4ba8c4922a07b43a55dc7fe2b17f4N

  • Size

    1.1MB

  • Sample

    241029-a8869s1hll

  • MD5

    1cd06da3cd3bca9f799fcc8df4fd76d0

  • SHA1

    d24eef01099a4daa0c26b273baf541de2cf5f577

  • SHA256

    957041f222e9267bb1f7fdbb4aed006e0dc4ba8c4922a07b43a55dc7fe2b17f4

  • SHA512

    b4a285b5596a4e04ef650bd6fadb8abb32418a2cd3271e3a2b4d0f7d990130e932f33c6af25e0d549c857145c6fc5cb59b1fe221594f0495709d619bb05fe175

  • SSDEEP

    12288:tEr6bkpYN2jF7vQZmSohg+k7j6aDG4FuA6lpgTIJcqBZ5Y1:tcykpY5852j6aJGl5cqB8

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226
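The two C2 addresses above are the only network IOCs the extracted config gives, so the practical use of this section is retrospective hunting in connection logs. The following is an added example (not code from the sandbox or from this page): it parses a constructed Zeek-style conn.log excerpt and returns the records whose responder or originator is one of the extracted addresses. The log lines, the uid values and the column layout are assumptions for illustration; treat the IPs as time-bound indicators, since hosting can change.

```python
import ipaddress

# C2 addresses as extracted from the sample's configuration in the report above.
URELAS_C2 = frozenset(ipaddress.ip_address(a) for a in ("218.54.31.165", "218.54.31.226"))

# Constructed Zeek-style conn.log excerpt (tab-separated); NOT traffic from the sandbox run.
# Columns assumed: ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
SAMPLE_CONN_LOG = (
    "1730160001.100\tCk1a2b\t10.0.0.15\t49712\t218.54.31.165\t80\ttcp\n"
    "1730160002.300\tCk1a2c\t10.0.0.15\t49713\t93.184.216.34\t443\ttcp\n"
    "1730160003.900\tCk1a2d\t10.0.0.22\t49801\t218.54.31.226\t8080\ttcp\n"
    "1730160004.000\tCk1a2e\t10.0.0.22\t53412\t10.0.0.1\t53\tudp\n"
    "#close\t2024-10-29-00-00-05\n"
)


def parse_conn_line(line):
    """Parse one conn.log record; return None for comment lines or malformed rows."""
    if not line or line.startswith("#"):
        return None
    fields = line.split("\t")
    if len(fields) < 7:
        return None
    ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
    try:
        return {
            "ts": float(ts),
            "uid": uid,
            "orig_h": ipaddress.ip_address(orig_h),
            "orig_p": int(orig_p),
            "resp_h": ipaddress.ip_address(resp_h),
            "resp_p": int(resp_p),
            "proto": proto,
        }
    except ValueError:  # bad timestamp, port or IP literal
        return None


def find_c2_connections(log_text, c2=URELAS_C2):
    """Return records whose responder (or originator) is a known Urelas C2 address."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_conn_line(line)
        if rec is not None and (rec["resp_h"] in c2 or rec["orig_h"] in c2):
            hits.append(rec)
    return hits


if __name__ == "__main__":
    for rec in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{rec['uid']}: {rec['orig_h']}:{rec['orig_p']} -> "
              f"{rec['resp_h']}:{rec['resp_p']} ({rec['proto']})")
```

Matching on both endpoints catches the rare case where the C2 initiates the connection; comparing parsed ip_address objects rather than raw strings avoids misses on zero-padded or otherwise non-canonical literals.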

Targets

    • Target

      957041f222e9267bb1f7fdbb4aed006e0dc4ba8c4922a07b43a55dc7fe2b17f4N

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely used as a geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
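Two things a practitioner will want to do with this report are confirm that a local copy is the analysed file and reproduce the UPX signature before unpacking. The following is an added example, not code from the sandbox or from this page: it computes the four digests listed under General and compares them to the report, and it walks the PE headers by hand (no pefile dependency) to read section names and apply the same UPX heuristic the signature describes. The build_fake_pe helper constructs a minimal non-executable PE image purely as test input; the "UPX!" marker check and the section-name prefix are the heuristics assumed here, and a modified UPX build can defeat both.

```python
import hashlib
import struct
import sys

# Hashes exactly as listed in the report above; a local copy is compared against them.
REPORT_HASHES = {
    "md5": "1cd06da3cd3bca9f799fcc8df4fd76d0",
    "sha1": "d24eef01099a4daa0c26b273baf541de2cf5f577",
    "sha256": "957041f222e9267bb1f7fdbb4aed006e0dc4ba8c4922a07b43a55dc7fe2b17f4",
    "sha512": "b4a285b5596a4e04ef650bd6fadb8abb32418a2cd3271e3a2b4d0f7d990130e9"
              "32f33c6af25e0d549c857145c6fc5cb59b1fe221594f0495709d619bb05fe175",
}

SECTION_HEADER_SIZE = 40  # IMAGE_SECTION_HEADER is 40 bytes; the name is the first 8


def digests(data):
    """Compute every digest the report lists, over the full file contents."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def check_against_report(data, expected=REPORT_HASHES):
    """Per-algorithm match result; any False means this is not the analysed file."""
    got = digests(data)
    return {algo: got[algo] == value.lower() for algo, value in expected.items()}


def pe_section_names(data):
    """Walk DOS header -> PE signature -> COFF header -> section table; return section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ header)")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad e_lfanew or missing PE signature")
    # COFF header follows the 4-byte signature: NumberOfSections at +2, SizeOfOptionalHeader at +16
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size
    if table + num_sections * SECTION_HEADER_SIZE > len(data):
        raise ValueError("truncated section table")
    names = []
    for i in range(num_sections):
        off = table + i * SECTION_HEADER_SIZE
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data):
    """Heuristic for the 'UPX packed file' signature: UPX* section names or the UPX! marker."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    if any(n.upper().startswith("UPX") for n in names):
        return True
    # Stock UPX also embeds a "UPX!" marker; modified builds often rename the sections
    # and strip the marker, so False here is not proof that the file is unpacked.
    return b"UPX!" in data


def build_fake_pe(section_names):
    """Construct a minimal, non-executable PE image with the given section names (test input only)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header right after the DOS header
    # Machine=i386, NumberOfSections, 3 zero dwords, SizeOfOptionalHeader=0, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        blob = fh.read()
    print("hash match:", check_against_report(blob))
    print("sections:", pe_section_names(blob))
    print("UPX heuristic:", looks_upx_packed(blob))
```

Run it as `python check_sample.py <file>`; a full set of True values under "hash match" is the only reliable confirmation that the file on disk is the one this report describes, and the UPX result is a hint to try `upx -d` before static analysis, not a verdict.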
