urelas | 665f34aa97227fa85bc9c5660b414cd3f49665978099964b88b01d8a4201cf1c | Triage

Sharing

General

Target

665f34aa97227fa85bc9c5660b414cd3f49665978099964b88b01d8a4201cf1c.exe
Size

141KB
Sample

250202-pjyfsstldr
MD5

74f1bcc76becad9f01e6a8140f5b6ee0
SHA1

5ce0120845e8e6f94e6ffbd8b82db80eb0275c06
SHA256

665f34aa97227fa85bc9c5660b414cd3f49665978099964b88b01d8a4201cf1c
SHA512

c24249f6b253a0bd1ab835fb3e8457b1c80200721abf2dfd5d23e52fc5974a4be3ceaf4acc961e9d30d5136410884700d821d19d4d9d52cef068cb08c368b9f7
SSDEEP

1536:P/oEkqfCZ10zcT9Yh8AIXcjyz9cOXfiXGImcatMrsWjcdf6odgR5APfIYU:P/5kqCxiXEcO3XfGf2tMUf6odgR5A4YU

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  665f34aa97227fa85bc9c5660b414cd3f49665978099964b88b01d8a4201cf1c.exe
- Size
  
  141KB
- MD5
  
  74f1bcc76becad9f01e6a8140f5b6ee0
- SHA1
  
  5ce0120845e8e6f94e6ffbd8b82db80eb0275c06
- SHA256
  
  665f34aa97227fa85bc9c5660b414cd3f49665978099964b88b01d8a4201cf1c
- SHA512
  
  c24249f6b253a0bd1ab835fb3e8457b1c80200721abf2dfd5d23e52fc5974a4be3ceaf4acc961e9d30d5136410884700d821d19d4d9d52cef068cb08c368b9f7
- SSDEEP
  
  1536:P/oEkqfCZ10zcT9Yh8AIXcjyz9cOXfiXGImcatMrsWjcdf6odgR5APfIYU:P/5kqCxiXEcO3XfGf2tMUf6odgR5A4YU
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan