urelas | 2e93646628b40f58c922acce788aacffde92a56d46b46c5f961b27f8223f0b83 | Triage

Sharing

General

Target

2e93646628b40f58c922acce788aacffde92a56d46b46c5f961b27f8223f0b83.exe
Size

80KB
Sample

241111-b4t28azere
MD5

73bcc554d3834863dde8d35fe335a85a
SHA1

8957eab9e5bc42f0968f45b78c058682d5cd571d
SHA256

2e93646628b40f58c922acce788aacffde92a56d46b46c5f961b27f8223f0b83
SHA512

c68884504f9c267079aeed489b3cd286011d06bb51f0ec9e56d7c9dd46bda5f76d6518fa0024ce48926f1879144151dab264d29878d3357084b8505523ab396e
SSDEEP

1536:UOzC0tKyIy9nOM8e5rqYJkdpzCEw2dnU4qvF:UO9Ro2rqYyXzCEwGA

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  2e93646628b40f58c922acce788aacffde92a56d46b46c5f961b27f8223f0b83.exe
- Size
  
  80KB
- MD5
  
  73bcc554d3834863dde8d35fe335a85a
- SHA1
  
  8957eab9e5bc42f0968f45b78c058682d5cd571d
- SHA256
  
  2e93646628b40f58c922acce788aacffde92a56d46b46c5f961b27f8223f0b83
- SHA512
  
  c68884504f9c267079aeed489b3cd286011d06bb51f0ec9e56d7c9dd46bda5f76d6518fa0024ce48926f1879144151dab264d29878d3357084b8505523ab396e
- SSDEEP
  
  1536:UOzC0tKyIy9nOM8e5rqYJkdpzCEw2dnU4qvF:UO9Ro2rqYyXzCEwGA
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan