urelas | 8e5370bd6cd3a3461f6f7a2eaa6f10616e619af175cc92b4aa75351858b83978 | Triage

Sharing

General

Target

8e5370bd6cd3a3461f6f7a2eaa6f10616e619af175cc92b4aa75351858b83978.exe
Size

60KB
Sample

241122-qbdl4a1lht
MD5

5ba5a1536aad80076aa9ade35913a1fa
SHA1

4e2bef0a39a1d7b635aac94c0883aedbc41e3ce6
SHA256

8e5370bd6cd3a3461f6f7a2eaa6f10616e619af175cc92b4aa75351858b83978
SHA512

0171bfd75668959e6bf85032b267196ab64db6466a88c7a907cf2959399bdd97bdd5497aa4e9df6fad90cd20fd4a0e2d36f4bc1834eef2ca8f4faed6e5252705
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPh:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9a

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  8e5370bd6cd3a3461f6f7a2eaa6f10616e619af175cc92b4aa75351858b83978.exe
- Size
  
  60KB
- MD5
  
  5ba5a1536aad80076aa9ade35913a1fa
- SHA1
  
  4e2bef0a39a1d7b635aac94c0883aedbc41e3ce6
- SHA256
  
  8e5370bd6cd3a3461f6f7a2eaa6f10616e619af175cc92b4aa75351858b83978
- SHA512
  
  0171bfd75668959e6bf85032b267196ab64db6466a88c7a907cf2959399bdd97bdd5497aa4e9df6fad90cd20fd4a0e2d36f4bc1834eef2ca8f4faed6e5252705
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPh:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9a
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan