Extracted

• • Target

    0f83750854c1d9e4d4b2d2c987f59b752fa22895bf4d0c2a775e9792759b90e2

  • Size

    323KB

  • MD5

    e6520cda3302a4a8df9e1f143e734a91

  • SHA1

    3db20c8a148e73bc82627fbd2d6f0c1614503c31

  • SHA256

    0f83750854c1d9e4d4b2d2c987f59b752fa22895bf4d0c2a775e9792759b90e2

  • SHA512

    5a7cc1722dff2e8ab3dcfeaf55f49f569463a9d7dd8b684a03c69a586192db6dfcceb39ab77c3053f673a83c790a79c8472fc2c063bbd05dbf5c35c27d644dc1

  • SSDEEP

    6144:cEo/rmV71+I8ZD/h/vFfhxxQO4B4tqv+Hq/On1NHwBzQ4bed76a3FoSx09:cEo/6YnZVB1rkAqcNAzQCed7J1oSG

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2