urelas | 2ea06962cf347329a322f6b0ffb8af20293b5ce5d39ae6279227c1d576dfc303 | Triage

Sharing

General

Target

2ea06962cf347329a322f6b0ffb8af20293b5ce5d39ae6279227c1d576dfc303N.exe
Size

76KB
Sample

250119-wf16vayney
MD5

77afbce8a229bea4c81fe1058f3681a0
SHA1

7447d2564fdd6bea1befc150d59c85b47c8c9f1f
SHA256

2ea06962cf347329a322f6b0ffb8af20293b5ce5d39ae6279227c1d576dfc303
SHA512

de10642ea552afe2f8fcc34e63af55dbfc1cfc94467f9845b25484997060125918b26a01ee46456d53ddf82b319526ab5184a14def0771088407fd227f4c57de
SSDEEP

1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHITjt:Tk8yn7KdmTINQXzz4ot

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  2ea06962cf347329a322f6b0ffb8af20293b5ce5d39ae6279227c1d576dfc303N.exe
- Size
  
  76KB
- MD5
  
  77afbce8a229bea4c81fe1058f3681a0
- SHA1
  
  7447d2564fdd6bea1befc150d59c85b47c8c9f1f
- SHA256
  
  2ea06962cf347329a322f6b0ffb8af20293b5ce5d39ae6279227c1d576dfc303
- SHA512
  
  de10642ea552afe2f8fcc34e63af55dbfc1cfc94467f9845b25484997060125918b26a01ee46456d53ddf82b319526ab5184a14def0771088407fd227f4c57de
- SSDEEP
  
  1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHITjt:Tk8yn7KdmTINQXzz4ot
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan