Extracted

• • Target

    47eb4a0540ac6eb96615cd6a4c692b7d9f74053dc1e86eaf7579b3d1d7c1c4b1N

  • Size

    6.5MB

  • MD5

    79f12fa6314518f39a168d7283283580

  • SHA1

    80b5395e66950b3d89be7ab10e178893918f5062

  • SHA256

    47eb4a0540ac6eb96615cd6a4c692b7d9f74053dc1e86eaf7579b3d1d7c1c4b1

  • SHA512

    77e16c30ca3e172536fb22f99da3f1f39d119aaf4596be883c6af181b703fa360343bd55e97af9817301862b9dcd4e5bad1eff18addaae899e259332cb7eab4e

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSX:i0LrA2kHKQHNk3og9unipQyOaOX

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2