Extracted

• • Target

    cf8c49870e8ada3b86dff073d82adcc302f9fafbf74bcf36e152dc087ff57b52.exe

  • Size

    555KB

  • MD5

    49578e06b681e1ad56ca5fd417aef0fb

  • SHA1

    e6cbb060c5ab504f2ec3f2cc2f621eaed907727d

  • SHA256

    cf8c49870e8ada3b86dff073d82adcc302f9fafbf74bcf36e152dc087ff57b52

  • SHA512

    75f26a3d205875d322337b5398b8627e77690d8c52f8db73e4391b846d0101f8a1fc4569d3d7ba0b209d7d8af1a2c730dc59f0f4f0115da1ed7460e879907471

  • SSDEEP

    12288:zccNvdRExZGe+Q1nSoS++43x+l7QLiaEyY:znPfQp9L3olqFY

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2