Extracted

• • Target

    7a58a6437cd79cc23d9a1692c1749a474d2c33398d16744c57b04b3823407d47N

  • Size

    6.5MB

  • MD5

    5a0997fb887c620d2815135e9a8f9e00

  • SHA1

    b60b295c2ee512364978eb9d0dad3de46ab91a80

  • SHA256

    7a58a6437cd79cc23d9a1692c1749a474d2c33398d16744c57b04b3823407d47

  • SHA512

    99eaa2bd1e12fa9f07458930e59b66fa5e9370983df605189c6b2dc147a2389c0bf668bed010512b432f705635fa071359dbd6ae499ee7653e2649a100b70b68

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSq:i0LrA2kHKQHNk3og9unipQyOaOq

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2