General

  • Target

    c5cce1b5304d25ddb32e2e8df34aafcd610fcf50249f44c7e21bf85c8e986f32N.exe

  • Size

    6.5MB

  • Sample

    241208-aycqbasnfx

  • MD5

    b42065846911937cc82d51116d7a47f0

  • SHA1

    e806bdeed3689d796a093d7699cb05f6df434805

  • SHA256

    c5cce1b5304d25ddb32e2e8df34aafcd610fcf50249f44c7e21bf85c8e986f32

  • SHA512

    b38f502b35b3cb0c80889c86d670edf736a5ecde85e127fcef337635faa027c28a88d53f02e7bfdf61ef94ce0ed713d2e5b14c1df089d1dfb3674c07a9b9b9c0

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVS/:i0LrA2kHKQHNk3og9unipQyOaO/

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
