urelas | afa607210468acefdc2ca7557a2828a77d88c9f4a3d8ee0c93ea9ee21525bceb | Triage

Sharing

General

Target

afa607210468acefdc2ca7557a2828a77d88c9f4a3d8ee0c93ea9ee21525bcebN.exe
Size

68KB
Sample

250123-2jpvwawpht
MD5

be98298b83cc3177ac4bc0076e3cae30
SHA1

bc09cf78b62b62fdb53a777d10a6ae9c8f598398
SHA256

afa607210468acefdc2ca7557a2828a77d88c9f4a3d8ee0c93ea9ee21525bceb
SHA512

330ea13a5853ddf129f3340b9ca853ebdbe5124fa8cc8e7895c011ee4686125a97c768c2ca727a85d32f8ceb827da94c509afbd2d2d5e36dafc5cbef12782cdd
SSDEEP

1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCara:yLAYUzmdD0sMQl7d7IuhCa+

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  afa607210468acefdc2ca7557a2828a77d88c9f4a3d8ee0c93ea9ee21525bcebN.exe
- Size
  
  68KB
- MD5
  
  be98298b83cc3177ac4bc0076e3cae30
- SHA1
  
  bc09cf78b62b62fdb53a777d10a6ae9c8f598398
- SHA256
  
  afa607210468acefdc2ca7557a2828a77d88c9f4a3d8ee0c93ea9ee21525bceb
- SHA512
  
  330ea13a5853ddf129f3340b9ca853ebdbe5124fa8cc8e7895c011ee4686125a97c768c2ca727a85d32f8ceb827da94c509afbd2d2d5e36dafc5cbef12782cdd
- SSDEEP
  
  1536:v6fqsAPQYGmPzmZDDZrV8sMQXGkfn33n7z5WeIuhCara:yLAYUzmdD0sMQl7d7IuhCa+
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan