General

  • Target: e4bdf670b100836d64e62a38ed70178d2c80413d92ef8b55c43ef5bf3ba49d43
  • Size: 1.1MB
  • Sample: 241219-gnqbzsslep
  • MD5: 3ea5026ec897195801d5004d320e74d5
  • SHA1: 0f7fb2862e10be5c378767e944dd9bd834ef8930
  • SHA256: e4bdf670b100836d64e62a38ed70178d2c80413d92ef8b55c43ef5bf3ba49d43
  • SHA512: fa747cae0042f143989ef85f6fa9cf5aff1987d0358e01db456d65b69d977028bc174a692fd4576a285e55ac513c9dbe23052ad205f46ab78bc51451e8fb847b
  • SSDEEP: 12288:tEr6bkpYN2jF7vQZmSohg+k7j6aDG4FuA6lpgTIJcqBZ5YR:tcykpY5852j6aJGl5cqB2

Malware Config

Extracted

Family: urelas

C2:
  • 218.54.31.165
  • 218.54.31.226

Targets

    • Target: e4bdf670b100836d64e62a38ed70178d2c80413d92ef8b55c43ef5bf3ba49d43


    • Urelas: Urelas is a trojan targeting card games.
    • Urelas family
    • Checks computer location settings: looks up the country code configured in the registry, likely as a geofence check.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks