urelas | 7a392492b4e488a7bc2d0be41a135081d0529877a3ac76d4832fd12cc5b982c4 | Triage

Sharing

General

Target

7a392492b4e488a7bc2d0be41a135081d0529877a3ac76d4832fd12cc5b982c4N.exe
Size

77KB
Sample

250119-tvpp9awmhr
MD5

8f572f08e35a886078f6a3c97eaa9130
SHA1

82bf02be182f81832164b42f387607cdcd20abe0
SHA256

7a392492b4e488a7bc2d0be41a135081d0529877a3ac76d4832fd12cc5b982c4
SHA512

dad129ab3a1e650cee5d3b13ba3189cdc44d880d138b6345710e003aa585e3db51f8ecf88246f36a6ce40c4795d5ff1fccea56332d197daf8d3f3ace81a5803a
SSDEEP

1536:PL2hIZA4fFfgK6xwHquw63wIl3eCEwWsg1X:PLnFYZx7CeCEwrk

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  7a392492b4e488a7bc2d0be41a135081d0529877a3ac76d4832fd12cc5b982c4N.exe
- Size
  
  77KB
- MD5
  
  8f572f08e35a886078f6a3c97eaa9130
- SHA1
  
  82bf02be182f81832164b42f387607cdcd20abe0
- SHA256
  
  7a392492b4e488a7bc2d0be41a135081d0529877a3ac76d4832fd12cc5b982c4
- SHA512
  
  dad129ab3a1e650cee5d3b13ba3189cdc44d880d138b6345710e003aa585e3db51f8ecf88246f36a6ce40c4795d5ff1fccea56332d197daf8d3f3ace81a5803a
- SSDEEP
  
  1536:PL2hIZA4fFfgK6xwHquw63wIl3eCEwWsg1X:PLnFYZx7CeCEwrk
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan