urelas | e5bc7b98e37ad707d75987e18042c45b0e2ab54ffd1196c4a6dcead24dcf8825 | Triage

Sharing

General

Target

e5bc7b98e37ad707d75987e18042c45b0e2ab54ffd1196c4a6dcead24dcf8825N
Size

80KB
Sample

241111-yb29fsvcmn
MD5

8225bb2bc15f171355b91fadbbdf4fb0
SHA1

865b059fbbe9c4907430bf716122537fbe6b13d1
SHA256

e5bc7b98e37ad707d75987e18042c45b0e2ab54ffd1196c4a6dcead24dcf8825
SHA512

1806c904600eca97dfc0a104ad7ba1cbfa855d449b379fade927f431e456f834345350e7f3cbcb884341dd4d14fc04ff05614f4241a67559723b9e2248f328b8
SSDEEP

1536:UOzC0tKyIy9nOM8e5rqYJkdpzCEw2dnU4qvQ:UO9Ro2rqYyXzCEwG1

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  e5bc7b98e37ad707d75987e18042c45b0e2ab54ffd1196c4a6dcead24dcf8825N
- Size
  
  80KB
- MD5
  
  8225bb2bc15f171355b91fadbbdf4fb0
- SHA1
  
  865b059fbbe9c4907430bf716122537fbe6b13d1
- SHA256
  
  e5bc7b98e37ad707d75987e18042c45b0e2ab54ffd1196c4a6dcead24dcf8825
- SHA512
  
  1806c904600eca97dfc0a104ad7ba1cbfa855d449b379fade927f431e456f834345350e7f3cbcb884341dd4d14fc04ff05614f4241a67559723b9e2248f328b8
- SSDEEP
  
  1536:UOzC0tKyIy9nOM8e5rqYJkdpzCEw2dnU4qvQ:UO9Ro2rqYyXzCEwG1
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan