Extracted

• • Target

    18193e28a0cd76747a843fe84b315e5f059a2d7feadf5a9b47169b07706fa61bN.exe

  • Size

    353KB

  • MD5

    59a1e5e298fb37eb0f8cd60a60503310

  • SHA1

    9838038dc6cd8436aa970c3770158736771f8b7e

  • SHA256

    18193e28a0cd76747a843fe84b315e5f059a2d7feadf5a9b47169b07706fa61b

  • SHA512

    33c1c884dd05b4c9feabd12b26e9e668b6d04be0ba2f196f113749dcdd6da74f591d19fb0f30593da35a38c987e299d038e7580c95254905c4cee31c3e02f74f

  • SSDEEP

    6144:n1KY1Atydsa9tJKNjyulRZIXE/b3MXyxX5DJ7NfY/E8L+0dHqTxBK8x+7iN3p9:nx+ydx9tSNlTIU/b37dJ75WEe+eKTxB3

  Score

  10^/10

  urelasaspackv2discoverytrojan

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2