General

  • Target: e0eea53865c8e162435e5bf2b219381d_JaffaCakes118
  • Size: 1.1MB
  • Sample: 241211-lz8d6axpdw
  • MD5: e0eea53865c8e162435e5bf2b219381d
  • SHA1: cdd282845bb50f3c115108fa4485a3abb3980a83
  • SHA256: db9d6d3ed9258a610131a77dc9da1f0bf67070238327e5769fe81507e72576a0
  • SHA512: 04351fb1d86507be7c9d1ec4d7f4f1d6e1d6fb3c0df8d22f9d614c554fc396c6caa068fe719f116007c8d0d6f6d7ea02f85b9173d7ff6923b39f3c96214e3f4a
  • SSDEEP: 12288:tEr6bkpYN2jF7vQZmSohg+k7j6aDG4FuA6lpgTIJcqBZ5Y6:tcykpY5852j6aJGl5cqBx

Malware Config

Extracted

  • Family: urelas
  • C2: 218.54.31.165, 218.54.31.226

Targets

    • Urelas
      Urelas is a trojan targeting card games.
    • Urelas family
    • Checks computer location settings
      Looks up the country code configured in the registry, likely used as a geofence.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15
