urelas | b1bd190251729685089b1ed66829b3ee94e55ada26576d510780b53bcb46f8bc | Triage

Sharing

General

Target

b1bd190251729685089b1ed66829b3ee94e55ada26576d510780b53bcb46f8bc.exe
Size

67KB
Sample

241116-vlbmpszfnr
MD5

dd8f32bd03bd2c2b69bb132c5a50b156
SHA1

afd2e4fc676ea01e158b4ce25d98fd1905c3367b
SHA256

b1bd190251729685089b1ed66829b3ee94e55ada26576d510780b53bcb46f8bc
SHA512

9b8b35e3d3e3f857ae27b656a1dce8ac0b794b45b69c0f4ceb697144d560105370edb5aab7d490dc9f3dfe5f8ce5e6d8e8438d85a167688ce089c2cfdaaaf046
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCare4:yLAYUzmdD0sMQl7d7IuhCai4

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  b1bd190251729685089b1ed66829b3ee94e55ada26576d510780b53bcb46f8bc.exe
- Size
  
  67KB
- MD5
  
  dd8f32bd03bd2c2b69bb132c5a50b156
- SHA1
  
  afd2e4fc676ea01e158b4ce25d98fd1905c3367b
- SHA256
  
  b1bd190251729685089b1ed66829b3ee94e55ada26576d510780b53bcb46f8bc
- SHA512
  
  9b8b35e3d3e3f857ae27b656a1dce8ac0b794b45b69c0f4ceb697144d560105370edb5aab7d490dc9f3dfe5f8ce5e6d8e8438d85a167688ce089c2cfdaaaf046
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCare4:yLAYUzmdD0sMQl7d7IuhCai4
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan