urelas | 19684c0ade8e1779e1646f2c407c164d0028f4f5a9adbb79bda1234fce67a16c | Triage

Sharing

General

Target

19684c0ade8e1779e1646f2c407c164d0028f4f5a9adbb79bda1234fce67a16c.exe
Size

68KB
Sample

241218-f6gxwsvngv
MD5

4b843db0be5fe85a50d692fc422facd2
SHA1

8433f8a5dbf7a7098941e22428474418b96907c4
SHA256

19684c0ade8e1779e1646f2c407c164d0028f4f5a9adbb79bda1234fce67a16c
SHA512

abccc913e6f05332febd6937ba89da0ee9805ea68f3539ef188f28d052a25c9abb9f0f0bc1c0db53957def83a762b5de5720d7baaef6135648f5c3267bb21ef9
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarV:yLAYUzmdD0sMQl7d7IuhCaB

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  19684c0ade8e1779e1646f2c407c164d0028f4f5a9adbb79bda1234fce67a16c.exe
- Size
  
  68KB
- MD5
  
  4b843db0be5fe85a50d692fc422facd2
- SHA1
  
  8433f8a5dbf7a7098941e22428474418b96907c4
- SHA256
  
  19684c0ade8e1779e1646f2c407c164d0028f4f5a9adbb79bda1234fce67a16c
- SHA512
  
  abccc913e6f05332febd6937ba89da0ee9805ea68f3539ef188f28d052a25c9abb9f0f0bc1c0db53957def83a762b5de5720d7baaef6135648f5c3267bb21ef9
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCarV:yLAYUzmdD0sMQl7d7IuhCaB
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan