urelas | d5427dae893551cfc421e02625959ca41364913b8027e563ed09e12949f6004c | Triage

Sharing

General

Target

d5427dae893551cfc421e02625959ca41364913b8027e563ed09e12949f6004cN.exe
Size

67KB
Sample

241117-ead1pazhpb
MD5

f1ba7e7daa26e1a542944395df534770
SHA1

d65578addcab5f360ee4cc3e18071c4ff48b4c65
SHA256

d5427dae893551cfc421e02625959ca41364913b8027e563ed09e12949f6004c
SHA512

0c1ec46a3a521c4e8d2114efef7afaa501a8d42b07f7580716df712ab7d13fe664e7bf983b8858579f5f120649682a8c6824cc712858743764053ca6e3216f3c
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCare4:yLAYUzmdD0sMQl7d7IuhCai4

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  d5427dae893551cfc421e02625959ca41364913b8027e563ed09e12949f6004cN.exe
- Size
  
  67KB
- MD5
  
  f1ba7e7daa26e1a542944395df534770
- SHA1
  
  d65578addcab5f360ee4cc3e18071c4ff48b4c65
- SHA256
  
  d5427dae893551cfc421e02625959ca41364913b8027e563ed09e12949f6004c
- SHA512
  
  0c1ec46a3a521c4e8d2114efef7afaa501a8d42b07f7580716df712ab7d13fe664e7bf983b8858579f5f120649682a8c6824cc712858743764053ca6e3216f3c
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCare4:yLAYUzmdD0sMQl7d7IuhCai4
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan