urelas | 66798c123996bfdfcb15eb67af33ae27352325bf55a7215be3d827bf7e8fb9b2 | Triage

Sharing

General

Target

66798c123996bfdfcb15eb67af33ae27352325bf55a7215be3d827bf7e8fb9b2.exe
Size

60KB
Sample

241120-2sgkvszkhn
MD5

71d14b003ceebb2f1fc12c81ad3347f0
SHA1

dbf66776e4bd9ababc133802773fb2a30770e673
SHA256

66798c123996bfdfcb15eb67af33ae27352325bf55a7215be3d827bf7e8fb9b2
SHA512

66f1bcc388e734e116776e4ac59879df4cb63fe40415ced19937c56b1acff53788014244e7b21a548c97d9e9f44bcf644ff4fbeac7a724ec2e82071caf2e7e3e
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP2:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaa

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  66798c123996bfdfcb15eb67af33ae27352325bf55a7215be3d827bf7e8fb9b2.exe
- Size
  
  60KB
- MD5
  
  71d14b003ceebb2f1fc12c81ad3347f0
- SHA1
  
  dbf66776e4bd9ababc133802773fb2a30770e673
- SHA256
  
  66798c123996bfdfcb15eb67af33ae27352325bf55a7215be3d827bf7e8fb9b2
- SHA512
  
  66f1bcc388e734e116776e4ac59879df4cb63fe40415ced19937c56b1acff53788014244e7b21a548c97d9e9f44bcf644ff4fbeac7a724ec2e82071caf2e7e3e
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP2:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaa
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan