urelas

General

Target

f05b2d0a90ba1df0734cb30a4fc76309ddcfd39ab40338ec3b9d1cd99a43afceN.exe
Size

641KB
Sample

241216-mk8xtawqev
MD5

d61f155a04d2b2801f8219bca8fbab10
SHA1

3d93ba284f59854a7a05dd59d10f17ac02807618
SHA256

f05b2d0a90ba1df0734cb30a4fc76309ddcfd39ab40338ec3b9d1cd99a43afce
SHA512

869266800d97e573c8a48a55ad212bdc16cc216f180c52ce19c6799ac162475b0900d4179cb55985190914383bbfbb82ddfe1bf3e6c48459607edc547eb66495
SSDEEP

12288:jBjUUmQfHYO+2LI5++CHYq6gCop2KQU1TUNW7q5m:jBvmcYO+2s59QP61KQQUNWp

Score

10^/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  f05b2d0a90ba1df0734cb30a4fc76309ddcfd39ab40338ec3b9d1cd99a43afceN.exe
- Size
  
  641KB
- MD5
  
  d61f155a04d2b2801f8219bca8fbab10
- SHA1
  
  3d93ba284f59854a7a05dd59d10f17ac02807618
- SHA256
  
  f05b2d0a90ba1df0734cb30a4fc76309ddcfd39ab40338ec3b9d1cd99a43afce
- SHA512
  
  869266800d97e573c8a48a55ad212bdc16cc216f180c52ce19c6799ac162475b0900d4179cb55985190914383bbfbb82ddfe1bf3e6c48459607edc547eb66495
- SSDEEP
  
  12288:jBjUUmQfHYO+2LI5++CHYq6gCop2KQU1TUNW7q5m:jBvmcYO+2s59QP61KQQUNWp
Score

10^/10

urelas discovery trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Urelas family

Checks computer location settings

Deletes itself

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2