urelas | 1734de5eeeb1055302746928ce656ee18b2411dd67bc9d70ecd397fc37f04dea | Triage

Sharing

General

Target

2025-04-02_acd1392095f4b6997b19f8d855163f3b_amadey_smoke-loader
Size

516KB
Sample

250402-hkcr6avr16
MD5

acd1392095f4b6997b19f8d855163f3b
SHA1

d226ef6102a3aa87ff0df5ba38ee9ec11701e965
SHA256

1734de5eeeb1055302746928ce656ee18b2411dd67bc9d70ecd397fc37f04dea
SHA512

a63929c548b9e21b96950ea37d999df37377151d239b310d410f686a6e7e46c0ce24feae8415db19ae832a0cabbb5fd5f90ee95847513aae59f0023b7e2dc3c6
SSDEEP

12288:1pbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhI:1pbGRZxSfGCUs99hq5Jg

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  2025-04-02_acd1392095f4b6997b19f8d855163f3b_amadey_smoke-loader
- Size
  
  516KB
- MD5
  
  acd1392095f4b6997b19f8d855163f3b
- SHA1
  
  d226ef6102a3aa87ff0df5ba38ee9ec11701e965
- SHA256
  
  1734de5eeeb1055302746928ce656ee18b2411dd67bc9d70ecd397fc37f04dea
- SHA512
  
  a63929c548b9e21b96950ea37d999df37377151d239b310d410f686a6e7e46c0ce24feae8415db19ae832a0cabbb5fd5f90ee95847513aae59f0023b7e2dc3c6
- SSDEEP
  
  12288:1pbfVlu0agWfZlnxgmEpZGsrUs99uDEq5EGDFhI:1pbGRZxSfGCUs99hq5Jg
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan