urelas | 119ce6d9f4af2738ead78efc190413291fdabe445d7d54d1dbdfec498dab0594 | Triage

Sharing

General

Target

119ce6d9f4af2738ead78efc190413291fdabe445d7d54d1dbdfec498dab0594N.exe
Size

155KB
Sample

241118-x17psstjbs
MD5

af6e4b86ea8efb711d5d298600d21550
SHA1

a7e111767b2f7acdd1cc4c4239f3ef5b9dc74e1e
SHA256

119ce6d9f4af2738ead78efc190413291fdabe445d7d54d1dbdfec498dab0594
SHA512

59aaee6129df1a809a06b0de6cbb54a050cc8a8fb42c8925e53a837616b61190ec28e9dc373db2fd67f67fa964bc967538b3d5fa39c56389257e29c035c666c7
SSDEEP

3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oe:Nt2vsx+AV4LfLO

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  119ce6d9f4af2738ead78efc190413291fdabe445d7d54d1dbdfec498dab0594N.exe
- Size
  
  155KB
- MD5
  
  af6e4b86ea8efb711d5d298600d21550
- SHA1
  
  a7e111767b2f7acdd1cc4c4239f3ef5b9dc74e1e
- SHA256
  
  119ce6d9f4af2738ead78efc190413291fdabe445d7d54d1dbdfec498dab0594
- SHA512
  
  59aaee6129df1a809a06b0de6cbb54a050cc8a8fb42c8925e53a837616b61190ec28e9dc373db2fd67f67fa964bc967538b3d5fa39c56389257e29c035c666c7
- SSDEEP
  
  3072:Ntbqvi9nMKxQbZ5x66EfACsxfcYvQd2Oe:Nt2vsx+AV4LfLO
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2