General

  • Target

    db1482a7ee52214653ca6d7753987d30c65fdfd0b4f895e0fb0380885b391c25N

  • Size

    6.5MB

  • Sample

    241109-afk9qsshkq

  • MD5

    d657389a8b15c067fe486d3bf3aab900

  • SHA1

    38b732ea7c6c556cf90b1a03fb17bb9ec9a5cc0f

  • SHA256

    db1482a7ee52214653ca6d7753987d30c65fdfd0b4f895e0fb0380885b391c25

  • SHA512

    69c4464ea692b44008cb0f0c0480ae4183c9bc4d5926ab4969b4a653cbe48191e59b4c5010d7470ed00a364797767836219577effe9c47c8a37d68f5de36865d

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSG:i0LrA2kHKQHNk3og9unipQyOaOG

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      db1482a7ee52214653ca6d7753987d30c65fdfd0b4f895e0fb0380885b391c25N

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
