urelas | 914ec7a46c0855bbcffac3c21fc196c41347b60578865d2722673b7445986a04 | Triage

Sharing

General

Target

914ec7a46c0855bbcffac3c21fc196c41347b60578865d2722673b7445986a04.exe
Size

440KB
Sample

241123-l9dyassqbs
MD5

2fdc20c1e32fa67a507b5ffca485c8c2
SHA1

0b6d7cf42541f7127679a98c0e998349e15ee8f4
SHA256

914ec7a46c0855bbcffac3c21fc196c41347b60578865d2722673b7445986a04
SHA512

7ae476b7952eb479c3b7931ed71a7cf2c9f0894f5ccff2ad130c327f5a8b91f18c49c892a0a723e3ba3bc53194a39a56f7e58dce1de0a85ba6a425d136afc01a
SSDEEP

6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpjC:oMpASIcWYx2U6hAJQnr

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  914ec7a46c0855bbcffac3c21fc196c41347b60578865d2722673b7445986a04.exe
- Size
  
  440KB
- MD5
  
  2fdc20c1e32fa67a507b5ffca485c8c2
- SHA1
  
  0b6d7cf42541f7127679a98c0e998349e15ee8f4
- SHA256
  
  914ec7a46c0855bbcffac3c21fc196c41347b60578865d2722673b7445986a04
- SHA512
  
  7ae476b7952eb479c3b7931ed71a7cf2c9f0894f5ccff2ad130c327f5a8b91f18c49c892a0a723e3ba3bc53194a39a56f7e58dce1de0a85ba6a425d136afc01a
- SSDEEP
  
  6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpjC:oMpASIcWYx2U6hAJQnr
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan