Extracted

• • Target

    21ba3ef271059a86946a81174690d27a40f8510c39e499b5350b76158aaa71cb

  • Size

    86KB

  • MD5

    462b6e2c0308ad8200127dae358c10b1

  • SHA1

    94b1397ef377d8fb0af7a0fda0240e3352ed3847

  • SHA256

    21ba3ef271059a86946a81174690d27a40f8510c39e499b5350b76158aaa71cb

  • SHA512

    892efc16616cd69db6ffa3c825bf2bce63b17d3e5ab5251c537b932497d574a546183d0d0fcfb358ee3cb616c8a4356509e6fdb6dae64cd245eb87014259b691

  • SSDEEP

    1536:Jz+jIHNv+vsFbwW6dk0QeLb4NMHriBRxiDkURFH0tHq:JznH976dUCnuniDd0Rq

  Score

  10^/10

  urelasdiscoverytrojanupx

  • Urelas

    Urelas is a trojan targeting card games.

    trojanurelas

  • Urelas family

    urelas

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2