urelas | a53e69fb084d3b220c7dd6e903fa48484833f303f4590adbdbc869f25424b558 | Triage

Sharing

General

Target

a53e69fb084d3b220c7dd6e903fa48484833f303f4590adbdbc869f25424b558.exe
Size

271KB
Sample

241221-3k7yhstrdq
MD5

8dcf36dbac7541e903b39079c481783f
SHA1

4da3e2ba8433500f27405fa79d4c55a7331d4506
SHA256

a53e69fb084d3b220c7dd6e903fa48484833f303f4590adbdbc869f25424b558
SHA512

7ee072cf3b38e8322584516e0909b4cc534f5ab6bcee68c364230b0dd7cbf586c83c319089f393936f5af0860f2e35e3b43f41c6e2709c31228896ab38fc2ec4
SSDEEP

6144:SPdhP7Vq2S8GYlH9LKeu5exdoW7KkYGuH6lY:uhPjSCKeu0oEYGTW

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  a53e69fb084d3b220c7dd6e903fa48484833f303f4590adbdbc869f25424b558.exe
- Size
  
  271KB
- MD5
  
  8dcf36dbac7541e903b39079c481783f
- SHA1
  
  4da3e2ba8433500f27405fa79d4c55a7331d4506
- SHA256
  
  a53e69fb084d3b220c7dd6e903fa48484833f303f4590adbdbc869f25424b558
- SHA512
  
  7ee072cf3b38e8322584516e0909b4cc534f5ab6bcee68c364230b0dd7cbf586c83c319089f393936f5af0860f2e35e3b43f41c6e2709c31228896ab38fc2ec4
- SSDEEP
  
  6144:SPdhP7Vq2S8GYlH9LKeu5exdoW7KkYGuH6lY:uhPjSCKeu0oEYGTW
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan