urelas | 90e0866295173f8de8bf1cdd3333aaa2fc986718c516f5e0d6155d3624488f01 | Triage

Sharing

General

Target

90e0866295173f8de8bf1cdd3333aaa2fc986718c516f5e0d6155d3624488f01.exe
Size

76KB
Sample

250120-ptz3dazjen
MD5

1aeebb8cf30ce19b42b7af22800c06ae
SHA1

fec32fd65e180e1b3efef558d31857d3ba510797
SHA256

90e0866295173f8de8bf1cdd3333aaa2fc986718c516f5e0d6155d3624488f01
SHA512

40bc94e025531e565eb74f881d342940d6b121e38241e1c519eb780ef8b82a2276d863ffceb84d96308a804fc595761413db5a74029fbbcd6e0af1bdab0dde73
SSDEEP

1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHITjt:Tk8yn7KdmTINQXzz4ot

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

- Target
  
  90e0866295173f8de8bf1cdd3333aaa2fc986718c516f5e0d6155d3624488f01.exe
- Size
  
  76KB
- MD5
  
  1aeebb8cf30ce19b42b7af22800c06ae
- SHA1
  
  fec32fd65e180e1b3efef558d31857d3ba510797
- SHA256
  
  90e0866295173f8de8bf1cdd3333aaa2fc986718c516f5e0d6155d3624488f01
- SHA512
  
  40bc94e025531e565eb74f881d342940d6b121e38241e1c519eb780ef8b82a2276d863ffceb84d96308a804fc595761413db5a74029fbbcd6e0af1bdab0dde73
- SSDEEP
  
  1536:+Uk8RgDXz7Kx8zzgmTlvtKrNCpbXmsz4tHITjt:Tk8yn7KdmTINQXzz4ot
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan