urelas | f62773b0e49f58106cdb666277dcd09e1834564ccead7e78385f1d789cc51019 | Triage

Sharing

General

Target

f62773b0e49f58106cdb666277dcd09e1834564ccead7e78385f1d789cc51019.exe
Size

74KB
Sample

241116-shbr7axnhz
MD5

34114a8387be3d36a5eef6fa34679a54
SHA1

94ee77460b768e2673dbf65485e8f9e8508b29be
SHA256

f62773b0e49f58106cdb666277dcd09e1834564ccead7e78385f1d789cc51019
SHA512

f7d88d144eee62924216eb4d750eb141535e7d6b49e979fd7f42db74f2d899b3c3a8e3ea1979102f601c8d54831a3c6d2a2be49540509b5451b2e9c7c11ed40f
SSDEEP

1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHIsV:Tk8yn7KdmTINQXzz4VV

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  f62773b0e49f58106cdb666277dcd09e1834564ccead7e78385f1d789cc51019.exe
- Size
  
  74KB
- MD5
  
  34114a8387be3d36a5eef6fa34679a54
- SHA1
  
  94ee77460b768e2673dbf65485e8f9e8508b29be
- SHA256
  
  f62773b0e49f58106cdb666277dcd09e1834564ccead7e78385f1d789cc51019
- SHA512
  
  f7d88d144eee62924216eb4d750eb141535e7d6b49e979fd7f42db74f2d899b3c3a8e3ea1979102f601c8d54831a3c6d2a2be49540509b5451b2e9c7c11ed40f
- SSDEEP
  
  1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHIsV:Tk8yn7KdmTINQXzz4VV
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan