urelas | e3dcdc96b8c4965c23b60d3aa9fab42b8493b6a5ffbaaefdb35d2218d2108b3a | Triage

Sharing

General

Target

e3dcdc96b8c4965c23b60d3aa9fab42b8493b6a5ffbaaefdb35d2218d2108b3aN.exe
Size

69KB
Sample

250202-rz7qhswjhw
MD5

b2c1bddf5d65b19256c9d964710062f0
SHA1

dbe208ef560ee7c139850060e7e4d3bc4cb01f8b
SHA256

e3dcdc96b8c4965c23b60d3aa9fab42b8493b6a5ffbaaefdb35d2218d2108b3a
SHA512

eed640c3281596ff8cfadad0653e4be1cccb57170a54f73b227e8f02f622246cf7279488976e5c4347b70a9bb1d9cacbb2904207a53c550187374007deaaa189
SSDEEP

1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeOtx:l//AjMp+u2onejH2Pea

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

- Target
  
  e3dcdc96b8c4965c23b60d3aa9fab42b8493b6a5ffbaaefdb35d2218d2108b3aN.exe
- Size
  
  69KB
- MD5
  
  b2c1bddf5d65b19256c9d964710062f0
- SHA1
  
  dbe208ef560ee7c139850060e7e4d3bc4cb01f8b
- SHA256
  
  e3dcdc96b8c4965c23b60d3aa9fab42b8493b6a5ffbaaefdb35d2218d2108b3a
- SHA512
  
  eed640c3281596ff8cfadad0653e4be1cccb57170a54f73b227e8f02f622246cf7279488976e5c4347b70a9bb1d9cacbb2904207a53c550187374007deaaa189
- SSDEEP
  
  1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPeOtx:l//AjMp+u2onejH2Pea
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan

behavioral2

urelasdiscoverytrojan