Extracted

• • Target

    3dc683089ba0a8c6626b3207768f820d39ac1bf7f038fd77fa8756e332531127.exe

  • Size

    466KB

  • MD5

    0542083c1a2b3eff0f640709bca31c47

  • SHA1

    58b1f802ece5eab93975a56756c86c8a2ce06b0d

  • SHA256

    3dc683089ba0a8c6626b3207768f820d39ac1bf7f038fd77fa8756e332531127

  • SHA512

    db3b7fb869264fcb120cd39e562a563e9e762943def5f07b95443b93dce8adb26ab1496824923a6544a8407e6fbbea5cd25fab638dec20086d957297f7fd0e01

  • SSDEEP

    12288:m6twjLHj/8/GcHUIdPPzEmvTnabAh0ZnAr1Ui:m6tQCG0UUPzEkTn4AC1+D

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2