urelas | 4089e8cb86665774740bf6e4f8242de907444e659d14d0a28e75aebe44062284 | Triage

Sharing

General

Target

4089e8cb86665774740bf6e4f8242de907444e659d14d0a28e75aebe44062284.exe
Size

60KB
Sample

241123-ftdppsyqcs
MD5

d846322be4729848ee9dbf28ef5299db
SHA1

4760c092f090bed8e5d3157923f84c008ff0c033
SHA256

4089e8cb86665774740bf6e4f8242de907444e659d14d0a28e75aebe44062284
SHA512

c81da35318da19154ba73b4e43b9ed4bc908786df7a68f760d390f9cf8cd676f0f0d72100e529c515c6fa1cab77f9458e1977419d11a564e3058e160a6f35004
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP9:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaB

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  4089e8cb86665774740bf6e4f8242de907444e659d14d0a28e75aebe44062284.exe
- Size
  
  60KB
- MD5
  
  d846322be4729848ee9dbf28ef5299db
- SHA1
  
  4760c092f090bed8e5d3157923f84c008ff0c033
- SHA256
  
  4089e8cb86665774740bf6e4f8242de907444e659d14d0a28e75aebe44062284
- SHA512
  
  c81da35318da19154ba73b4e43b9ed4bc908786df7a68f760d390f9cf8cd676f0f0d72100e529c515c6fa1cab77f9458e1977419d11a564e3058e160a6f35004
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxP9:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaB
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan