Extracted

• • Target

    943e68e3fcc7e625c52c1967e898594cffda216d2db95345a057a3f3e3c51702N.exe

  • Size

    337KB

  • MD5

    a180800232f58a1f6096d76c594bf860

  • SHA1

    4f5ff11730ec328878bc3e6f23e4f060dc20b2a0

  • SHA256

    943e68e3fcc7e625c52c1967e898594cffda216d2db95345a057a3f3e3c51702

  • SHA512

    9592f1979aa1f1363203de4e125421c1697748aa033d5792f320b9ce02a1215f9e18539ad5ccac5df3f12d7301986370d45c38b1ec7504ddc0dbd1611724c852

  • SSDEEP

    6144:4x4ITLKT/MUbCYqLbbCM2dWwh3gNUie2Jy+5vmSZGpd:4x4+LmMUbXq/byKLe2JPFS

  Score

  10^/10

  urelasaspackv2discoverytrojan

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2