urelas | 3eb8178319573c09aae71dce86038f9c8812a68c3279e1b1ee7a7c36df816ef1 | Triage

Sharing

General

Target

3eb8178319573c09aae71dce86038f9c8812a68c3279e1b1ee7a7c36df816ef1.exe
Size

60KB
Sample

241123-r1nn2awqcv
MD5

14066660fe9e064688af3d0a47fe23cc
SHA1

437a2459722a4d5b894be0104d536f50ea3de021
SHA256

3eb8178319573c09aae71dce86038f9c8812a68c3279e1b1ee7a7c36df816ef1
SHA512

915bc3d120a555ba060025a673e73d5b1597629cf591cc9b359f514fac0b646ee4334fb7f2c6548b7411d5aeb83ba503e2bb98ffb629ff727a4345e614e1fb40
SSDEEP

768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPW:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaS

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  3eb8178319573c09aae71dce86038f9c8812a68c3279e1b1ee7a7c36df816ef1.exe
- Size
  
  60KB
- MD5
  
  14066660fe9e064688af3d0a47fe23cc
- SHA1
  
  437a2459722a4d5b894be0104d536f50ea3de021
- SHA256
  
  3eb8178319573c09aae71dce86038f9c8812a68c3279e1b1ee7a7c36df816ef1
- SHA512
  
  915bc3d120a555ba060025a673e73d5b1597629cf591cc9b359f514fac0b646ee4334fb7f2c6548b7411d5aeb83ba503e2bb98ffb629ff727a4345e614e1fb40
- SSDEEP
  
  768:n5mhew0GpSyMe6hwUkdwJzh+qciaQRENEzxZbARtR06g2wqp4YPeznellmqGwxPW:nK0GjMeQG3iaQREuVZ6ro29p4YxbKdaS
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan