urelas | 5cc319ed0cb07c04e03b113af0a6570dba3b8d3b4afae49649838c85b804451f | Triage

Sharing

General

Target

5cc319ed0cb07c04e03b113af0a6570dba3b8d3b4afae49649838c85b804451fN
Size

186KB
Sample

241110-dtyzjayekc
MD5

e911dbcfb35e484339e586daf7f7c5c0
SHA1

4562addd7d2964b582a2b9157eee93033feaf309
SHA256

5cc319ed0cb07c04e03b113af0a6570dba3b8d3b4afae49649838c85b804451f
SHA512

7f43278aa5d59e180d75095233b2d130691d91dda3741809488bd65adb2822de8d7e72eadb5b8d3f4d3f3433df5347c5f5e5e047a14f8c0ae3746e90bd505fd7
SSDEEP

3072:1tpCP+/oGvWSldHy64T9fQmZ+luXwy2f9LDhDAl:Tp+IrvNyhhh4yfWvO

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  5cc319ed0cb07c04e03b113af0a6570dba3b8d3b4afae49649838c85b804451fN
- Size
  
  186KB
- MD5
  
  e911dbcfb35e484339e586daf7f7c5c0
- SHA1
  
  4562addd7d2964b582a2b9157eee93033feaf309
- SHA256
  
  5cc319ed0cb07c04e03b113af0a6570dba3b8d3b4afae49649838c85b804451f
- SHA512
  
  7f43278aa5d59e180d75095233b2d130691d91dda3741809488bd65adb2822de8d7e72eadb5b8d3f4d3f3433df5347c5f5e5e047a14f8c0ae3746e90bd505fd7
- SSDEEP
  
  3072:1tpCP+/oGvWSldHy64T9fQmZ+luXwy2f9LDhDAl:Tp+IrvNyhhh4yfWvO
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan