urelas | b588d783cf30d0eb9bce848371a6e8b32424db3d76e94a77e87261ea02a4629c | Triage

Sharing

General

Target

b588d783cf30d0eb9bce848371a6e8b32424db3d76e94a77e87261ea02a4629c.exe
Size

137KB
Sample

241123-nft4jazngk
MD5

db9632b7fd778487dd7c715b86177bdd
SHA1

ff10987a2a16d286b4cbdedccb53782d24859699
SHA256

b588d783cf30d0eb9bce848371a6e8b32424db3d76e94a77e87261ea02a4629c
SHA512

c50f4fb67deceb4cad9f54c73ecf49f396a877f6b762dd43dab2dbeebcedf58344b3e48bccb3f13371552664be13f988c6f3ffcfb15d5d2dbb0452f6774a2673
SSDEEP

1536:Uew08ukP5sZK20EGIBpwW6NeleEQ77nuUWXJmU2AjtH8oIHcpKZok9H6j:F0uk8QsH47nW5ptcoIHcpKZocM

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  b588d783cf30d0eb9bce848371a6e8b32424db3d76e94a77e87261ea02a4629c.exe
- Size
  
  137KB
- MD5
  
  db9632b7fd778487dd7c715b86177bdd
- SHA1
  
  ff10987a2a16d286b4cbdedccb53782d24859699
- SHA256
  
  b588d783cf30d0eb9bce848371a6e8b32424db3d76e94a77e87261ea02a4629c
- SHA512
  
  c50f4fb67deceb4cad9f54c73ecf49f396a877f6b762dd43dab2dbeebcedf58344b3e48bccb3f13371552664be13f988c6f3ffcfb15d5d2dbb0452f6774a2673
- SSDEEP
  
  1536:Uew08ukP5sZK20EGIBpwW6NeleEQ77nuUWXJmU2AjtH8oIHcpKZok9H6j:F0uk8QsH47nW5ptcoIHcpKZocM
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2