Extracted

• • Target

    89b0d9949cf2a387f883d4aa8c4c36ff73874f4a344298978bc0ce1124839a32N

  • Size

    441KB

  • MD5

    faf00753bd81391e58835672dbaa6c70

  • SHA1

    3d4c0d2510fdf1cd65503bfb5f3e5de76f6a04c7

  • SHA256

    89b0d9949cf2a387f883d4aa8c4c36ff73874f4a344298978bc0ce1124839a32

  • SHA512

    f72989638900a72103c72d9c76e3b6fdc183eb5515152079adad332cd794b947221dddb51a756c7cd2e1451830f0751b61a49c56d93e132af6a1c29edaf7b6ca

  • SSDEEP

    12288:W33Xn66ga6ENOy+CDyepaccTCSjfkkItQU8eoPO:8Hn6/8NOy+CDQcciQpeoPO

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2