urelas | b5fd98b65aa8b427bbc3ad34d95b0598218102793a3e645a59e40f121c5d2e3b | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-02...er.exe

windows10-2004-x64

Sharing

General

Target

2025-04-02_bf731b4a8a954e8a42ba9fec29607bdc_amadey_smoke-loader
Size

480KB
Sample

250402-xejqvavkt5
MD5

bf731b4a8a954e8a42ba9fec29607bdc
SHA1

9c5e606d8cd82cfa8682df33abe744fd6155d777
SHA256

b5fd98b65aa8b427bbc3ad34d95b0598218102793a3e645a59e40f121c5d2e3b
SHA512

17df5a6c1a27b3c79ed4f572f1b1a0d7bf3937f4a8d3acb50b1962d0fed7866f3e099a5d96ebd07d6045cf0c8ab9a9f250c2683ecc3c4d8473de88b87dcafe25
SSDEEP

6144:wqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpVO9:TQRI/3w36EnCYcFE/iydJai/WZti

Score

10^/10

urelas discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2025-04-02_bf731b4a8a954e8a42ba9fec29607bdc_amadey_smoke-loader.exe

Resource

win10v2004-20250314-en

urelas discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  2025-04-02_bf731b4a8a954e8a42ba9fec29607bdc_amadey_smoke-loader
- Size
  
  480KB
- MD5
  
  bf731b4a8a954e8a42ba9fec29607bdc
- SHA1
  
  9c5e606d8cd82cfa8682df33abe744fd6155d777
- SHA256
  
  b5fd98b65aa8b427bbc3ad34d95b0598218102793a3e645a59e40f121c5d2e3b
- SHA512
  
  17df5a6c1a27b3c79ed4f572f1b1a0d7bf3937f4a8d3acb50b1962d0fed7866f3e099a5d96ebd07d6045cf0c8ab9a9f250c2683ecc3c4d8473de88b87dcafe25
- SSDEEP
  
  6144:wqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpVO9:TQRI/3w36EnCYcFE/iydJai/WZti
Score

10^/10

urelas discovery trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojanupx

© 2018-2025

Terms | Privacy