General

  • Target

    13c8f3037f5b844b11225099d04caf929c2beb823ce7b8c019cf7abc56a9f1c2

  • Size

    6.5MB

  • Sample

    241029-yvvcysyhmr

  • MD5

    2d79ee62a77a440231513194bf879df1

  • SHA1

    7a59cfc09fe94cd52d514d048b29e133b0c0b48d

  • SHA256

    13c8f3037f5b844b11225099d04caf929c2beb823ce7b8c019cf7abc56a9f1c2

  • SHA512

    854ce542f42bb05d638d121afdfb25dce43459b1f189764e8942286e4f88e374845ec1c2ae315d172b03849022244fc8914b5b9b21ef223776d18ad3f9cbcb24

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSW:i0LrA2kHKQHNk3og9unipQyOaOW

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15