urelas | 8ef1738bc6cfeb570785b46c33b1ed6a60a61a1a9de9875b6949349b345a179b | Triage

Sharing

General

Target

8ef1738bc6cfeb570785b46c33b1ed6a60a61a1a9de9875b6949349b345a179b.exe
Size

50KB
Sample

241118-y4jykstrdx
MD5

1162a1a3a5445eec8cc13c3601b12ebd
SHA1

ebfab69985cae8945585d0f4db399e95856113d0
SHA256

8ef1738bc6cfeb570785b46c33b1ed6a60a61a1a9de9875b6949349b345a179b
SHA512

8e433db16317a97573afdf2dedd1b426d099ac15a6e8ad86ffca7eef4994bb2bb0efe9ab96706b2436ed62b78ba8d3c5cc2671ecdd866bb151b66c3484652047
SSDEEP

1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhv:KsdXfBo/DBJBGzkP5v

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.28.139

Targets

- Target
  
  8ef1738bc6cfeb570785b46c33b1ed6a60a61a1a9de9875b6949349b345a179b.exe
- Size
  
  50KB
- MD5
  
  1162a1a3a5445eec8cc13c3601b12ebd
- SHA1
  
  ebfab69985cae8945585d0f4db399e95856113d0
- SHA256
  
  8ef1738bc6cfeb570785b46c33b1ed6a60a61a1a9de9875b6949349b345a179b
- SHA512
  
  8e433db16317a97573afdf2dedd1b426d099ac15a6e8ad86ffca7eef4994bb2bb0efe9ab96706b2436ed62b78ba8d3c5cc2671ecdd866bb151b66c3484652047
- SSDEEP
  
  1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhv:KsdXfBo/DBJBGzkP5v
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan