urelas | 6e456b78ccbb562d9c03339676e92961564b21aaaa1a260377fea0b8bb70df53 | Triage

Sharing

General

Target

6e456b78ccbb562d9c03339676e92961564b21aaaa1a260377fea0b8bb70df53.exe
Size

60KB
Sample

241123-bzcx5szrcj
MD5

6e65c3404ec4adc3a647a208e2bb5337
SHA1

97ebae0bfeeb9af58e5dc5d586c9dcf3ac138f0c
SHA256

6e456b78ccbb562d9c03339676e92961564b21aaaa1a260377fea0b8bb70df53
SHA512

e796ec56ceedbf637f2cc07e5344a4ec2ab781b6f732824c6023848a27b364a96d5bd6d1fdd9dda65f5ce7e38057f0b1a5af18426abc7de316b15a1de2d11e82
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPW:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdrp

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  6e456b78ccbb562d9c03339676e92961564b21aaaa1a260377fea0b8bb70df53.exe
- Size
  
  60KB
- MD5
  
  6e65c3404ec4adc3a647a208e2bb5337
- SHA1
  
  97ebae0bfeeb9af58e5dc5d586c9dcf3ac138f0c
- SHA256
  
  6e456b78ccbb562d9c03339676e92961564b21aaaa1a260377fea0b8bb70df53
- SHA512
  
  e796ec56ceedbf637f2cc07e5344a4ec2ab781b6f732824c6023848a27b364a96d5bd6d1fdd9dda65f5ce7e38057f0b1a5af18426abc7de316b15a1de2d11e82
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPW:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdrp
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan