urelas | 9d823261ae50a05dd8e077ce05fd7b4b7b0ad13bd80d635fff1aa3b84a1cc5f8 | Triage

Sharing

General

Target

9d823261ae50a05dd8e077ce05fd7b4b7b0ad13bd80d635fff1aa3b84a1cc5f8N.exe
Size

57KB
Sample

250121-mxd8zazlcs
MD5

9efa52605ac53b7ca2697c1592885300
SHA1

0292c3495e4f9131f170fc4a8f239d33b22b7788
SHA256

9d823261ae50a05dd8e077ce05fd7b4b7b0ad13bd80d635fff1aa3b84a1cc5f8
SHA512

740059f1c76b5955b0d2b594104d44228775198dbf26afe70f7715237eb13a87597f99de08b868486a5c6513c391c96315ade523bbeefb506dcb39781abbfdd9
SSDEEP

1536:amZ+4hcuX5uZ79jmvFQTXnz9yQ/PFBhl1C:amZ+luXwy2f9LDhDC

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  9d823261ae50a05dd8e077ce05fd7b4b7b0ad13bd80d635fff1aa3b84a1cc5f8N.exe
- Size
  
  57KB
- MD5
  
  9efa52605ac53b7ca2697c1592885300
- SHA1
  
  0292c3495e4f9131f170fc4a8f239d33b22b7788
- SHA256
  
  9d823261ae50a05dd8e077ce05fd7b4b7b0ad13bd80d635fff1aa3b84a1cc5f8
- SHA512
  
  740059f1c76b5955b0d2b594104d44228775198dbf26afe70f7715237eb13a87597f99de08b868486a5c6513c391c96315ade523bbeefb506dcb39781abbfdd9
- SSDEEP
  
  1536:amZ+4hcuX5uZ79jmvFQTXnz9yQ/PFBhl1C:amZ+luXwy2f9LDhDC
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan