urelas | d17502d1e449050c45b3ab633928c6d8d1ba06807672e2db2b992d635800082f | Triage

Sharing

General

Target

d17502d1e449050c45b3ab633928c6d8d1ba06807672e2db2b992d635800082f.exe
Size

60KB
Sample

241123-a4szgszjgp
MD5

fe9dceca82e5ee4555d6223e1ab9d9bd
SHA1

b6a3a81e3349fd3d47650e688e602a2cc2aa9824
SHA256

d17502d1e449050c45b3ab633928c6d8d1ba06807672e2db2b992d635800082f
SHA512

43ab171820b5de934f1ced6f0170c38ea9b00dacb744820bffbba8552f0b5ee62a9122735fbb1b04258b39b3e4ce21239581fdc1e9ccd971e5f915860f92be72
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPx:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9y

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  d17502d1e449050c45b3ab633928c6d8d1ba06807672e2db2b992d635800082f.exe
- Size
  
  60KB
- MD5
  
  fe9dceca82e5ee4555d6223e1ab9d9bd
- SHA1
  
  b6a3a81e3349fd3d47650e688e602a2cc2aa9824
- SHA256
  
  d17502d1e449050c45b3ab633928c6d8d1ba06807672e2db2b992d635800082f
- SHA512
  
  43ab171820b5de934f1ced6f0170c38ea9b00dacb744820bffbba8552f0b5ee62a9122735fbb1b04258b39b3e4ce21239581fdc1e9ccd971e5f915860f92be72
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPx:nK0GjMeQG3iaQREuVZ6ro29p4YxbKd9y
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan