urelas | d7a5d61abd7dd2566a85b10c0509c6de9380f23fe79589468eea79c8669ea15d | Triage

Sharing

General

Target

d7a5d61abd7dd2566a85b10c0509c6de9380f23fe79589468eea79c8669ea15d
Size

57KB
Sample

241214-ypmqxstren
MD5

7f987b52648a3805a0a48388fe18bfce
SHA1

8549fd4aff18239c3036cb402e18b096c6800465
SHA256

d7a5d61abd7dd2566a85b10c0509c6de9380f23fe79589468eea79c8669ea15d
SHA512

b351d0ad6f826e6ae25796712c70cab59daf76a7ceb7bf4023e016c41daab4fa380c3a1e99b9d77ce39cb2ea3c797f311966a1312d522d2636a29a6bee593db2
SSDEEP

1536:MQPzemdaNqAPG17k74qlmbbVgYyvxcd5jnGWqN7kS8Dc:MOemdTd1o74qlmbbJ+x+Ikpc

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  d7a5d61abd7dd2566a85b10c0509c6de9380f23fe79589468eea79c8669ea15d
- Size
  
  57KB
- MD5
  
  7f987b52648a3805a0a48388fe18bfce
- SHA1
  
  8549fd4aff18239c3036cb402e18b096c6800465
- SHA256
  
  d7a5d61abd7dd2566a85b10c0509c6de9380f23fe79589468eea79c8669ea15d
- SHA512
  
  b351d0ad6f826e6ae25796712c70cab59daf76a7ceb7bf4023e016c41daab4fa380c3a1e99b9d77ce39cb2ea3c797f311966a1312d522d2636a29a6bee593db2
- SSDEEP
  
  1536:MQPzemdaNqAPG17k74qlmbbVgYyvxcd5jnGWqN7kS8Dc:MOemdTd1o74qlmbbJ+x+Ikpc
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan