urelas | 5797d226cc41b26b7b60ce3830d0057429ce80040d5dec3a17739f85377bdd52 | Triage

Sharing

General

Target

5797d226cc41b26b7b60ce3830d0057429ce80040d5dec3a17739f85377bdd52.exe
Size

66KB
Sample

241207-gksypsvmcj
MD5

b378bd856b0fbc4c1695ae2fde1c9f9b
SHA1

451fc0ba0ad186ce1bb14da99ceeb3d621727cb0
SHA256

5797d226cc41b26b7b60ce3830d0057429ce80040d5dec3a17739f85377bdd52
SHA512

890c33f467357de212bb173f4c404c281ceb4bf0475f3aa266adaacd77b5a7dc0cf357cc82012b1acad9fcab218734c01cb6b99e50c779d01af77c8c10bef6f1
SSDEEP

1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTmUD0/:6bQRSHpAvzyf7MzeThD0/

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  5797d226cc41b26b7b60ce3830d0057429ce80040d5dec3a17739f85377bdd52.exe
- Size
  
  66KB
- MD5
  
  b378bd856b0fbc4c1695ae2fde1c9f9b
- SHA1
  
  451fc0ba0ad186ce1bb14da99ceeb3d621727cb0
- SHA256
  
  5797d226cc41b26b7b60ce3830d0057429ce80040d5dec3a17739f85377bdd52
- SHA512
  
  890c33f467357de212bb173f4c404c281ceb4bf0475f3aa266adaacd77b5a7dc0cf357cc82012b1acad9fcab218734c01cb6b99e50c779d01af77c8c10bef6f1
- SSDEEP
  
  1536:6bQx5oPsr2vFxDPhAvzgAQzFZ77MzeTmUD0/:6bQRSHpAvzyf7MzeThD0/
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan