urelas

General

Target

4dae6ee0afb7f71b404c713179b1ca685074f082fa15f575f78311e5312092ea.exe
Size

429KB
Sample

250205-nwmz6awpbk
MD5

dacc6d418d072c06eade262b258c043b
SHA1

f7e4c7eedd769c047acc5aab95393817fb88812e
SHA256

4dae6ee0afb7f71b404c713179b1ca685074f082fa15f575f78311e5312092ea
SHA512

091e1a82e3ee97224b4634f2c5ee8bc53ce292f3fb24c2119aa63c5e0536c764ed925f52240ba50e36b90175df9bef56c65053520c780cef914bd612bc5b29a5
SSDEEP

6144:BKbwhNxUjDVMytD2NkWuRk/oBmodd+sAaTmQo2fkKrQ:4ANxU3VH1t19MsAlpX/

Score

10^/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

- Target
  
  4dae6ee0afb7f71b404c713179b1ca685074f082fa15f575f78311e5312092ea.exe
- Size
  
  429KB
- MD5
  
  dacc6d418d072c06eade262b258c043b
- SHA1
  
  f7e4c7eedd769c047acc5aab95393817fb88812e
- SHA256
  
  4dae6ee0afb7f71b404c713179b1ca685074f082fa15f575f78311e5312092ea
- SHA512
  
  091e1a82e3ee97224b4634f2c5ee8bc53ce292f3fb24c2119aa63c5e0536c764ed925f52240ba50e36b90175df9bef56c65053520c780cef914bd612bc5b29a5
- SSDEEP
  
  6144:BKbwhNxUjDVMytD2NkWuRk/oBmodd+sAaTmQo2fkKrQ:4ANxU3VH1t19MsAlpX/
Score

10^/10

urelas aspackv2 discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Urelas family

ASPack v2.12-2.42

Checks computer location settings

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2