urelas | 83ae6d49a7ade92611bde00b843111ca61fdbad3ee1b1ea0f9e61ebf293cc72d | Triage

Sharing

General

Target

83ae6d49a7ade92611bde00b843111ca61fdbad3ee1b1ea0f9e61ebf293cc72dN.exe
Size

80KB
Sample

241219-ms2hps1lhz
MD5

ad338ae350b4f9dc221a21060546a030
SHA1

d878e1f2e8f2455584963dd4caad8a33a183bd6b
SHA256

83ae6d49a7ade92611bde00b843111ca61fdbad3ee1b1ea0f9e61ebf293cc72d
SHA512

9cf123fd78efe4acfc8ee18602a5b88c26c61fc29712be56b83266d05e8dc7eb33cf40e02a2a9dba19973a0266294fe9e976b457a000833cdbbdd5aaaf100e91
SSDEEP

1536:ml531xxqA3zM9ttjtt574bbp8Fm43AOEI0QdeFUU8te7s:4lnhYPlVMqmyAFIRRes

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

- Target
  
  83ae6d49a7ade92611bde00b843111ca61fdbad3ee1b1ea0f9e61ebf293cc72dN.exe
- Size
  
  80KB
- MD5
  
  ad338ae350b4f9dc221a21060546a030
- SHA1
  
  d878e1f2e8f2455584963dd4caad8a33a183bd6b
- SHA256
  
  83ae6d49a7ade92611bde00b843111ca61fdbad3ee1b1ea0f9e61ebf293cc72d
- SHA512
  
  9cf123fd78efe4acfc8ee18602a5b88c26c61fc29712be56b83266d05e8dc7eb33cf40e02a2a9dba19973a0266294fe9e976b457a000833cdbbdd5aaaf100e91
- SSDEEP
  
  1536:ml531xxqA3zM9ttjtt574bbp8Fm43AOEI0QdeFUU8te7s:4lnhYPlVMqmyAFIRRes
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan