urelas | a2cca36f074912bcdf5f6bf95440b70c08c9b688c52f2fa871b0faf473de5f64 | Triage

Sharing

General

Target

cee49aba6d9b8da17f18fc86ce25b5b93b1fe5578ea8565d62ff193b1272e1c2N.exe
Size

74KB
Sample

241111-rl11tazfpk
MD5

6e1802b6153db9a4a9b2101bd93d08a8
SHA1

586622d9b959b1fec3798706b7ba769223903846
SHA256

a2cca36f074912bcdf5f6bf95440b70c08c9b688c52f2fa871b0faf473de5f64
SHA512

ba50ea3b5fbc134831df1c3436a1533f4ec2984c4d65e2f060fd432899823060b7a5618b77d8d5a82ed632e0b535073c01fd68c99fa7b9484a6ce2c5e3599b70
SSDEEP

1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHI8:Tk8yn7KdmTINQXzz4J

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  cee49aba6d9b8da17f18fc86ce25b5b93b1fe5578ea8565d62ff193b1272e1c2N.exe
- Size
  
  74KB
- MD5
  
  6e1802b6153db9a4a9b2101bd93d08a8
- SHA1
  
  586622d9b959b1fec3798706b7ba769223903846
- SHA256
  
  a2cca36f074912bcdf5f6bf95440b70c08c9b688c52f2fa871b0faf473de5f64
- SHA512
  
  ba50ea3b5fbc134831df1c3436a1533f4ec2984c4d65e2f060fd432899823060b7a5618b77d8d5a82ed632e0b535073c01fd68c99fa7b9484a6ce2c5e3599b70
- SSDEEP
  
  1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHI8:Tk8yn7KdmTINQXzz4J
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan