urelas | 006e6c769ec705e5b3b23a6e4ad795cf5af9b8c92b6ef1d59668717c1e5f6305 | Triage

Sharing

General

Target

006e6c769ec705e5b3b23a6e4ad795cf5af9b8c92b6ef1d59668717c1e5f6305
Size

1.8MB
Sample

241031-xsrcvatpem
MD5

6e952f66a99b3f8233c1189928cd205e
SHA1

3cc0b1fa84154ae3a80d9e9a3f34f36f425e3262
SHA256

006e6c769ec705e5b3b23a6e4ad795cf5af9b8c92b6ef1d59668717c1e5f6305
SHA512

7cddd48bef8374d417b5b3ce6201808e786d500ad3db9dd861d648f6f42aece62c95bcd57f7c9b73589757f861513d58074067c9e4326e1e2ef4d7d40636b263
SSDEEP

49152:dOPZY2eGXeurFnT0gmRK7oMqkKgb93Jy/ZtvUPtvh1cs28IgkA2Qhamoy:2NeGXeupnPmRK7o9kKgb930hCvh1f289

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  006e6c769ec705e5b3b23a6e4ad795cf5af9b8c92b6ef1d59668717c1e5f6305
- Size
  
  1.8MB
- MD5
  
  6e952f66a99b3f8233c1189928cd205e
- SHA1
  
  3cc0b1fa84154ae3a80d9e9a3f34f36f425e3262
- SHA256
  
  006e6c769ec705e5b3b23a6e4ad795cf5af9b8c92b6ef1d59668717c1e5f6305
- SHA512
  
  7cddd48bef8374d417b5b3ce6201808e786d500ad3db9dd861d648f6f42aece62c95bcd57f7c9b73589757f861513d58074067c9e4326e1e2ef4d7d40636b263
- SSDEEP
  
  49152:dOPZY2eGXeurFnT0gmRK7oMqkKgb93Jy/ZtvUPtvh1cs28IgkA2Qhamoy:2NeGXeupnPmRK7o9kKgb930hCvh1f289
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan