urelas | c562276ebb24c6752847dfc97fa16c3d79f0106621c9b0eeda7e8713e222f8ab | Triage

Sharing

General

Target

c562276ebb24c6752847dfc97fa16c3d79f0106621c9b0eeda7e8713e222f8ab
Size

154KB
Sample

241106-dr6xcstejg
MD5

bbe8e829aee18186412c5aa0a0a53382
SHA1

e44472544add419c8ad1fca677cd4cceca18d02c
SHA256

c562276ebb24c6752847dfc97fa16c3d79f0106621c9b0eeda7e8713e222f8ab
SHA512

ae27a93fd3d6f9410621707db4891793f6f6d718589688f0eb5bcc8c758c4bac3b37e07fe4b4cf01ec4c74bf851a3b71b7ed2b7ad89535d2fd38f0090fcc9fdc
SSDEEP

3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oep:Nt2vsx+AV4LfLOO

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  c562276ebb24c6752847dfc97fa16c3d79f0106621c9b0eeda7e8713e222f8ab
- Size
  
  154KB
- MD5
  
  bbe8e829aee18186412c5aa0a0a53382
- SHA1
  
  e44472544add419c8ad1fca677cd4cceca18d02c
- SHA256
  
  c562276ebb24c6752847dfc97fa16c3d79f0106621c9b0eeda7e8713e222f8ab
- SHA512
  
  ae27a93fd3d6f9410621707db4891793f6f6d718589688f0eb5bcc8c758c4bac3b37e07fe4b4cf01ec4c74bf851a3b71b7ed2b7ad89535d2fd38f0090fcc9fdc
- SSDEEP
  
  3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oep:Nt2vsx+AV4LfLOO
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2