General

  • Target: 938a9946bd7de4609cf4fce1e7a818b55c5f29dd06c92d3519e6b8841582d26bN
  • Size: 59KB
  • Sample: 241111-xrp4dssrht
  • MD5: 1aaeba15a7030b2bc9de05e6f901d290
  • SHA1: 2eed0b456247f0e5465dfc754614ea1c6fa1e6f4
  • SHA256: 938a9946bd7de4609cf4fce1e7a818b55c5f29dd06c92d3519e6b8841582d26b
  • SHA512: 99d1f9a7736a1e11ff500bf3d89615ab1b9e205fc657073a4b67bf837f57d4e1e7a0fee19f5b62eaf5faf599125681b3d48f17579ce0be06e5e1ef842f1dcc7e
  • SSDEEP: 1536:6W82C0Db1edMckBI1kmJAhTPY6pnouy8t:6n25DbaMySmJAhbvoutt

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Urelas: Urelas is a trojan targeting card games.
    • Urelas family
    • Checks computer location settings: looks up the country code configured in the registry, likely as a geofence.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks