urelas | cc3a2bce63896a2b73dc8ff4900a3a53ded320678284ae5404eb7789025e12ed | Triage

Sharing

General

Target

cc3a2bce63896a2b73dc8ff4900a3a53ded320678284ae5404eb7789025e12ed.exe
Size

205KB
Sample

241123-de9gqaspbn
MD5

27d79dbc2774ccf79112f7809137f0b3
SHA1

ca6f32a3d35aff428bf56faab2f43f85dae2e099
SHA256

cc3a2bce63896a2b73dc8ff4900a3a53ded320678284ae5404eb7789025e12ed
SHA512

8eb6415a00071ecb3df35a6d2fe61b8e9315337ab9b4297b1e2ff5176a04fa7d90fd4b93c538f2bab140475de35b0e9a2044b913ce197137f6807bd6a83e6d71
SSDEEP

1536:cGp/ZuEvM0EK2W4w4BpLW+7h+YF8RqBjHc76XV2U2ARvDoIYTJkLAerDtw:hHuEwR712EBM6FzvDoIYTJuAem

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

- Target
  
  cc3a2bce63896a2b73dc8ff4900a3a53ded320678284ae5404eb7789025e12ed.exe
- Size
  
  205KB
- MD5
  
  27d79dbc2774ccf79112f7809137f0b3
- SHA1
  
  ca6f32a3d35aff428bf56faab2f43f85dae2e099
- SHA256
  
  cc3a2bce63896a2b73dc8ff4900a3a53ded320678284ae5404eb7789025e12ed
- SHA512
  
  8eb6415a00071ecb3df35a6d2fe61b8e9315337ab9b4297b1e2ff5176a04fa7d90fd4b93c538f2bab140475de35b0e9a2044b913ce197137f6807bd6a83e6d71
- SSDEEP
  
  1536:cGp/ZuEvM0EK2W4w4BpLW+7h+YF8RqBjHc76XV2U2ARvDoIYTJkLAerDtw:hHuEwR712EBM6FzvDoIYTJuAem
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan