Extracted

• • Target

    d8a3742557599b1c6df23dee49091d2ca6e0a30d1e1b9f1b324f73dfa77da166

  • Size

    441KB

  • MD5

    d1da72031f75e672f7186b06ba18db55

  • SHA1

    7ae4e7a6ccaa68732aad13cf6e5a3c65bdae789b

  • SHA256

    d8a3742557599b1c6df23dee49091d2ca6e0a30d1e1b9f1b324f73dfa77da166

  • SHA512

    a7477fa8383cca7cb1e55d5951ee95c8edbaaa1958ac7185f008db68af1920b8c51aed7be33747f6a05683bd7f22015e20dd8671ed9789de1ae9fbe934a5dd20

  • SSDEEP

    12288:W33Xn66ga6ENOy+CDyepaccTCSjfkkItQU8eoPz:8Hn6/8NOy+CDQcciQpeoPz

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2