urelas | 46ae96d38b8c780dd42854733a45b0c9c024e215b2c44d738b1b7b2861378c5f | Triage

Sharing

General

Target

46ae96d38b8c780dd42854733a45b0c9c024e215b2c44d738b1b7b2861378c5fN.exe
Size

868KB
Sample

241205-ydyn2svpfj
MD5

dcbea4764827be169cfbf2a872b2b580
SHA1

ace7f57494fd36fce25e6f35abcd9a666a1cabbb
SHA256

46ae96d38b8c780dd42854733a45b0c9c024e215b2c44d738b1b7b2861378c5f
SHA512

67ba26a42d71c4b43609348f6b35f5522964acc1202c2c8d2f63fd971479485966c1e9b1f0345ea3e917c67e3db7fc4cfb5bc3c98c06cae48c7b66dfdc6d0721
SSDEEP

12288:BO2QLxzVhdf+5utolnQux+GthLM2X4hVc+5Y+vWcg4RalJaCvHl0h9RMXlRkh:BaLza5uDugu/CIwLkJlH2h9a16h

Score

10^/10

urelas discovery trojan

Malware Config

Targets

- Target
  
  46ae96d38b8c780dd42854733a45b0c9c024e215b2c44d738b1b7b2861378c5fN.exe
- Size
  
  868KB
- MD5
  
  dcbea4764827be169cfbf2a872b2b580
- SHA1
  
  ace7f57494fd36fce25e6f35abcd9a666a1cabbb
- SHA256
  
  46ae96d38b8c780dd42854733a45b0c9c024e215b2c44d738b1b7b2861378c5f
- SHA512
  
  67ba26a42d71c4b43609348f6b35f5522964acc1202c2c8d2f63fd971479485966c1e9b1f0345ea3e917c67e3db7fc4cfb5bc3c98c06cae48c7b66dfdc6d0721
- SSDEEP
  
  12288:BO2QLxzVhdf+5utolnQux+GthLM2X4hVc+5Y+vWcg4RalJaCvHl0h9RMXlRkh:BaLza5uDugu/CIwLkJlH2h9a16h
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan