urelas | e3a723409fef14d7a96250abd8c400fb14fcfe1f10f4464345b87af80fe46514 | Triage

Sharing

General

Target

e3a723409fef14d7a96250abd8c400fb14fcfe1f10f4464345b87af80fe46514N.exe
Size

92KB
Sample

250121-m4kz4azng1
MD5

e113be73397c63bf54b01380cf015440
SHA1

3e374d771a89ca2922489f9547e0d035695b0407
SHA256

e3a723409fef14d7a96250abd8c400fb14fcfe1f10f4464345b87af80fe46514
SHA512

2e739119c5aee3d8e08abff71104895fd58f2ab601c2dff865f2f0e21fcf79d268a601757f530653efd021b1e59720484d2c895374d7d746a392e506ebd3685a
SSDEEP

1536:iDJj/L6UWX/iDdolO4g033dsA2+n1qn1iLdp/:iDJj29G4gItR7n1qn4Ldp

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.77

218.54.47.74

Targets

- Target
  
  e3a723409fef14d7a96250abd8c400fb14fcfe1f10f4464345b87af80fe46514N.exe
- Size
  
  92KB
- MD5
  
  e113be73397c63bf54b01380cf015440
- SHA1
  
  3e374d771a89ca2922489f9547e0d035695b0407
- SHA256
  
  e3a723409fef14d7a96250abd8c400fb14fcfe1f10f4464345b87af80fe46514
- SHA512
  
  2e739119c5aee3d8e08abff71104895fd58f2ab601c2dff865f2f0e21fcf79d268a601757f530653efd021b1e59720484d2c895374d7d746a392e506ebd3685a
- SSDEEP
  
  1536:iDJj/L6UWX/iDdolO4g033dsA2+n1qn1iLdp/:iDJj29G4gItR7n1qn4Ldp
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan