General

  • Target

    2025-04-02_5195e2e8f4b4159935e6e073b5374e73_amadey_smoke-loader

  • Size

    581KB

  • Sample

    250402-r17f5s1lz2

  • MD5

    5195e2e8f4b4159935e6e073b5374e73

  • SHA1

    2e436531d0c630daf2f78a9956ec349a8349585d

  • SHA256

    553463b7f26cbb1dd837663bb1070e3e5855704135df7ce1aa8db1fcd2fee49b

  • SHA512

    767afa7de3029a1499bee15ac4fe40d66f94b1e2b5adafdddbb6b250e59e6552d2d60acec91594af9205509692180aa2478f78458aca7cdd04fbd5a693344247

  • SSDEEP

    6144:JajY1oC+/U8Vjlx4kk9HKda4L38c8hpdoSQbQFsrF1W/h84IrV7mMpH8zQW4jQwd:fOlx4kk9HKda4YJoSiQi4kVdcQzjk4

Malware Config

Extracted

  • Family

    urelas

  • C2

    1.234.83.146
    133.242.129.155
    218.54.31.226
    218.54.31.165

Targets

    • Target

      2025-04-02_5195e2e8f4b4159935e6e073b5374e73_amadey_smoke-loader

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks