urelas | cb5fffbd700a1564046b19b3458cf4bcdc15760dcf402e4b906c9cc2b7082742 | Triage

Sharing

General

Target

cb5fffbd700a1564046b19b3458cf4bcdc15760dcf402e4b906c9cc2b7082742N
Size

80KB
Sample

241108-b8d7kasepk
MD5

90548919a9060797b4bf3759f29db290
SHA1

30dfc18f28dad95d0b97cbe80ea48b3c07c81062
SHA256

cb5fffbd700a1564046b19b3458cf4bcdc15760dcf402e4b906c9cc2b7082742
SHA512

5103f96f283fe5cb7a8f4bc0d0e60653ee721a7d7dca590d49d139e4fe86bc72742405a6fa82cd78ea6ce5eb542bc596eee6b4d8eda8d01cd9ce01cb63c5b3aa
SSDEEP

1536:zxKyhnAUfUiZR9G84qk+Be/HZ17hmZpDsxu1+:zLCEZTGx518ox6+

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.28.139

121.88.5.183

Targets

- Target
  
  cb5fffbd700a1564046b19b3458cf4bcdc15760dcf402e4b906c9cc2b7082742N
- Size
  
  80KB
- MD5
  
  90548919a9060797b4bf3759f29db290
- SHA1
  
  30dfc18f28dad95d0b97cbe80ea48b3c07c81062
- SHA256
  
  cb5fffbd700a1564046b19b3458cf4bcdc15760dcf402e4b906c9cc2b7082742
- SHA512
  
  5103f96f283fe5cb7a8f4bc0d0e60653ee721a7d7dca590d49d139e4fe86bc72742405a6fa82cd78ea6ce5eb542bc596eee6b4d8eda8d01cd9ce01cb63c5b3aa
- SSDEEP
  
  1536:zxKyhnAUfUiZR9G84qk+Be/HZ17hmZpDsxu1+:zLCEZTGx518ox6+
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan