urelas | 2555e6c06752824e598d2b799c3ba46070503bf3ae41289748b7dd72ad160c0c | Triage

Sharing

General

Target

2555e6c06752824e598d2b799c3ba46070503bf3ae41289748b7dd72ad160c0c.exe
Size

74KB
Sample

241117-n6efrszckj
MD5

f955f11a2c9f7c0e9f13aa8f2a879fe3
SHA1

efba0b7958d46325aafff0a154843d74ab045e2d
SHA256

2555e6c06752824e598d2b799c3ba46070503bf3ae41289748b7dd72ad160c0c
SHA512

43e61abb36b53e3e985a07915c2a3d6089d4be9f4061434abea055901ce61226716d272cfcb57e806659076a9bd3c60bddf961c9e3cfc7b51f25b732a56aadcd
SSDEEP

1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHIO:Tk8yn7KdmTINQXzz4L

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  2555e6c06752824e598d2b799c3ba46070503bf3ae41289748b7dd72ad160c0c.exe
- Size
  
  74KB
- MD5
  
  f955f11a2c9f7c0e9f13aa8f2a879fe3
- SHA1
  
  efba0b7958d46325aafff0a154843d74ab045e2d
- SHA256
  
  2555e6c06752824e598d2b799c3ba46070503bf3ae41289748b7dd72ad160c0c
- SHA512
  
  43e61abb36b53e3e985a07915c2a3d6089d4be9f4061434abea055901ce61226716d272cfcb57e806659076a9bd3c60bddf961c9e3cfc7b51f25b732a56aadcd
- SSDEEP
  
  1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHIO:Tk8yn7KdmTINQXzz4L
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan