urelas | e2e2ba4cec2ccf5bc33ec28eee08535278ac986032e0befe24ef56038e25da06 | Triage

Sharing

General

Target

e2e2ba4cec2ccf5bc33ec28eee08535278ac986032e0befe24ef56038e25da06
Size

134KB
Sample

241103-f5g69svrhx
MD5

b9d456f72aa9fddb7410de3b686aefe1
SHA1

8c461b35647a0c57134ec694eed4338e1d5dba27
SHA256

e2e2ba4cec2ccf5bc33ec28eee08535278ac986032e0befe24ef56038e25da06
SHA512

59b2b42e5c6064a9d82111151f0717fd114b79758889c402ba975a9d251a9e8d7ea2099f6448e2e5330333bc77a8e8c358cccf2a6456a5ba2ce624e4ddfd4623
SSDEEP

1536:New08ukP5sZK20EGIBpwW6NeleEQ77nuUWXJmU2AjpH/e3msYpKZZkUR0:Y0uk8QsH47nW5ppfe3msYpKZZQ

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  e2e2ba4cec2ccf5bc33ec28eee08535278ac986032e0befe24ef56038e25da06
- Size
  
  134KB
- MD5
  
  b9d456f72aa9fddb7410de3b686aefe1
- SHA1
  
  8c461b35647a0c57134ec694eed4338e1d5dba27
- SHA256
  
  e2e2ba4cec2ccf5bc33ec28eee08535278ac986032e0befe24ef56038e25da06
- SHA512
  
  59b2b42e5c6064a9d82111151f0717fd114b79758889c402ba975a9d251a9e8d7ea2099f6448e2e5330333bc77a8e8c358cccf2a6456a5ba2ce624e4ddfd4623
- SSDEEP
  
  1536:New08ukP5sZK20EGIBpwW6NeleEQ77nuUWXJmU2AjpH/e3msYpKZZkUR0:Y0uk8QsH47nW5ppfe3msYpKZZQ
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2