urelas | 88fa7feef0a78cae6f42599c78f4ee73b4f3e642f157e60aa7a3bc1ae7c7886b | Triage

Sharing

General

Target

88fa7feef0a78cae6f42599c78f4ee73b4f3e642f157e60aa7a3bc1ae7c7886bN.exe
Size

68KB
Sample

241119-zpxrkataln
MD5

78632bdfe9d5cf884b60a6b801fba1c0
SHA1

3356a1ed5c38806c4182078f93805330994cb90f
SHA256

88fa7feef0a78cae6f42599c78f4ee73b4f3e642f157e60aa7a3bc1ae7c7886b
SHA512

0b5b33705fe8f7c907bdf45c6428652155354c173e4307e8d17ea2f8389ffe02b7ed291a335a8f741a80f4d24e020e27c8a40d45952932ec556d07a6685a372b
SSDEEP

1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeOrm:l//AjMp+u2onejH2PeEm

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  88fa7feef0a78cae6f42599c78f4ee73b4f3e642f157e60aa7a3bc1ae7c7886bN.exe
- Size
  
  68KB
- MD5
  
  78632bdfe9d5cf884b60a6b801fba1c0
- SHA1
  
  3356a1ed5c38806c4182078f93805330994cb90f
- SHA256
  
  88fa7feef0a78cae6f42599c78f4ee73b4f3e642f157e60aa7a3bc1ae7c7886b
- SHA512
  
  0b5b33705fe8f7c907bdf45c6428652155354c173e4307e8d17ea2f8389ffe02b7ed291a335a8f741a80f4d24e020e27c8a40d45952932ec556d07a6685a372b
- SSDEEP
  
  1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeOrm:l//AjMp+u2onejH2PeEm
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan