Extracted

• • Target

    fd1f26ee7a772dc1af0c9de91e02dd97_JaffaCakes118

  • Size

    542KB

  • MD5

    fd1f26ee7a772dc1af0c9de91e02dd97

  • SHA1

    5258e3870e4d7df496aabece952f9f24a5541ac9

  • SHA256

    bdb91fe215249e0077ea9626a66b83533ab9644c8561fd204a9e99f744087076

  • SHA512

    446df1e07c0cb39f5f09ef898cfe8bfb709e6ee07971cef67651d631d371fcbe200e1a52233d1559489e128037b88d628cd435bbe0a9b42dcbbdfa03bfae9aeb

  • SSDEEP

    12288:T52PxDgZo3ijnieactYDG7MzZSHJcvEj8dmoSxuL:92SLi70T7MifjY

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2