urelas | 46426f9f0d2de6b445f6041c0719e4e72e0b4913c99e364acbe4d29aea87df4f | Triage

Sharing

General

Target

46426f9f0d2de6b445f6041c0719e4e72e0b4913c99e364acbe4d29aea87df4f.exe
Size

77KB
Sample

241219-b2s25sskbq
MD5

97b11e51b33e17cf11bea701cb05a63a
SHA1

009e548758a7624212e527a2e07bff653a076268
SHA256

46426f9f0d2de6b445f6041c0719e4e72e0b4913c99e364acbe4d29aea87df4f
SHA512

ac623e3bd344ac2c818fdb980cffc337bd2256a882ea7110b4584b66f7db20b273e454c18692e0d0b7b289e67782c97a4e01d728e4b12b3b3722c10e506932a4
SSDEEP

1536:1D433Oe20lleqbmruXP+9E5KJ+e8Xwhpf+:1Dcpl1mrE+EeBJfm

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

- Target
  
  46426f9f0d2de6b445f6041c0719e4e72e0b4913c99e364acbe4d29aea87df4f.exe
- Size
  
  77KB
- MD5
  
  97b11e51b33e17cf11bea701cb05a63a
- SHA1
  
  009e548758a7624212e527a2e07bff653a076268
- SHA256
  
  46426f9f0d2de6b445f6041c0719e4e72e0b4913c99e364acbe4d29aea87df4f
- SHA512
  
  ac623e3bd344ac2c818fdb980cffc337bd2256a882ea7110b4584b66f7db20b273e454c18692e0d0b7b289e67782c97a4e01d728e4b12b3b3722c10e506932a4
- SSDEEP
  
  1536:1D433Oe20lleqbmruXP+9E5KJ+e8Xwhpf+:1Dcpl1mrE+EeBJfm
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan