urelas | 06e8fa3a342ff1e68d255633be15ce69663f94fd2085abcf681f923b53cbe225 | Triage

Sharing

General

Target

06e8fa3a342ff1e68d255633be15ce69663f94fd2085abcf681f923b53cbe225.exe
Size

65KB
Sample

241119-kr7bfsxqcl
MD5

47f1ada49118342368e05e35b87930f5
SHA1

91dcae3193da9114ec49172cfb8a2b88992327b2
SHA256

06e8fa3a342ff1e68d255633be15ce69663f94fd2085abcf681f923b53cbe225
SHA512

b8ddf1fe2d685b8745d818e6857e3506eafce807b98bf65916d2d4369e83768e083e1b0b3fbfc81a32d4c58c4bb1f8ee66598767992d8624512e7a74358378c8
SSDEEP

1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTm/T:6bQRSHpAvzyf7MzeTYT

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  06e8fa3a342ff1e68d255633be15ce69663f94fd2085abcf681f923b53cbe225.exe
- Size
  
  65KB
- MD5
  
  47f1ada49118342368e05e35b87930f5
- SHA1
  
  91dcae3193da9114ec49172cfb8a2b88992327b2
- SHA256
  
  06e8fa3a342ff1e68d255633be15ce69663f94fd2085abcf681f923b53cbe225
- SHA512
  
  b8ddf1fe2d685b8745d818e6857e3506eafce807b98bf65916d2d4369e83768e083e1b0b3fbfc81a32d4c58c4bb1f8ee66598767992d8624512e7a74358378c8
- SSDEEP
  
  1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTm/T:6bQRSHpAvzyf7MzeTYT
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan