urelas | 1b0c8f1346f68ff4d3d2552fa7ee96ae015c3ffb457f1dadf2a4f7f38a539fc9 | Triage

Sharing

General

Target

1b0c8f1346f68ff4d3d2552fa7ee96ae015c3ffb457f1dadf2a4f7f38a539fc9.exe
Size

60KB
Sample

241123-cftl8a1mek
MD5

d7959c544897d75c1204873d31c0d43b
SHA1

53da6b36adc2f998a94af3d6736a8ae95dca548a
SHA256

1b0c8f1346f68ff4d3d2552fa7ee96ae015c3ffb457f1dadf2a4f7f38a539fc9
SHA512

e7715be8923bc7a3394ab5b73a0901c7de3cdb7924c02ecac2050f8d1c50dd72d471ed43722aa46662a71a6426f5176c604a809a7e13deeceea1cc2e82b66190
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPG:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdrD

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  1b0c8f1346f68ff4d3d2552fa7ee96ae015c3ffb457f1dadf2a4f7f38a539fc9.exe
- Size
  
  60KB
- MD5
  
  d7959c544897d75c1204873d31c0d43b
- SHA1
  
  53da6b36adc2f998a94af3d6736a8ae95dca548a
- SHA256
  
  1b0c8f1346f68ff4d3d2552fa7ee96ae015c3ffb457f1dadf2a4f7f38a539fc9
- SHA512
  
  e7715be8923bc7a3394ab5b73a0901c7de3cdb7924c02ecac2050f8d1c50dd72d471ed43722aa46662a71a6426f5176c604a809a7e13deeceea1cc2e82b66190
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPG:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdrD
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan