urelas | 1d2c7e45ffa602227f8fe77e1acd2c54236b4b3d46c2a02bd891700846609907 | Triage

Sharing

General

Target

1d2c7e45ffa602227f8fe77e1acd2c54236b4b3d46c2a02bd891700846609907
Size

57KB
Sample

241111-y1qa7aymgj
MD5

c7e1dac7a5ef88c204c6199457e9aa60
SHA1

ece6121e6147769f295b2899566edea79aae9157
SHA256

1d2c7e45ffa602227f8fe77e1acd2c54236b4b3d46c2a02bd891700846609907
SHA512

71801b047dfe033a1d65053f6f4f92909049b9cfb02c28d30c9b202fc319a666ed01ae0fdb4ae797be22c7eb16e48a2dbade8b2b09cfabea71a09bbe18ff82dd
SSDEEP

1536:MQPzemdaNqAPG17k74qlmbbVgYyvxcd5jnGWqN7kS8H5:MOemdTd1o74qlmbbJ+x+Ik55

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  1d2c7e45ffa602227f8fe77e1acd2c54236b4b3d46c2a02bd891700846609907
- Size
  
  57KB
- MD5
  
  c7e1dac7a5ef88c204c6199457e9aa60
- SHA1
  
  ece6121e6147769f295b2899566edea79aae9157
- SHA256
  
  1d2c7e45ffa602227f8fe77e1acd2c54236b4b3d46c2a02bd891700846609907
- SHA512
  
  71801b047dfe033a1d65053f6f4f92909049b9cfb02c28d30c9b202fc319a666ed01ae0fdb4ae797be22c7eb16e48a2dbade8b2b09cfabea71a09bbe18ff82dd
- SSDEEP
  
  1536:MQPzemdaNqAPG17k74qlmbbVgYyvxcd5jnGWqN7kS8H5:MOemdTd1o74qlmbbJ+x+Ik55
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan