urelas | f2f1e80dde8e6bab909cae0f8fdbd38cd5a4371bd8ea93b66d135e7030622664 | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-03...er.exe

windows10-2004-x64

Sharing

General

Target

2025-04-03_79edff08b4c5acd81e001446292b905d_amadey_smoke-loader
Size

581KB
Sample

250403-gftpfatjy8
MD5

79edff08b4c5acd81e001446292b905d
SHA1

1950177af6fac20e05c39656e0e2beea7684808a
SHA256

f2f1e80dde8e6bab909cae0f8fdbd38cd5a4371bd8ea93b66d135e7030622664
SHA512

a85cc9f0423c1e1a84d09eb770882072a91f0e570599ee935ec8d6ee11513b78dfef83ff357d969086dad296ceef7cf7ae35462630904206b99e0a56c637c4a2
SSDEEP

6144:JajY1oC+/U8Vjlx4kk9HKda4L38c8hpdoSQbQFsrF1W/h84IrV7mMpH8zQW4jQwS:fOlx4kk9HKda4YJoSiQi4kVdcQzjkP

Score

10^/10

urelas discovery trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-04-03_79edff08b4c5acd81e001446292b905d_amadey_smoke-loader.exe

Resource

win10v2004-20250314-en

urelas discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  2025-04-03_79edff08b4c5acd81e001446292b905d_amadey_smoke-loader
- Size
  
  581KB
- MD5
  
  79edff08b4c5acd81e001446292b905d
- SHA1
  
  1950177af6fac20e05c39656e0e2beea7684808a
- SHA256
  
  f2f1e80dde8e6bab909cae0f8fdbd38cd5a4371bd8ea93b66d135e7030622664
- SHA512
  
  a85cc9f0423c1e1a84d09eb770882072a91f0e570599ee935ec8d6ee11513b78dfef83ff357d969086dad296ceef7cf7ae35462630904206b99e0a56c637c4a2
- SSDEEP
  
  6144:JajY1oC+/U8Vjlx4kk9HKda4L38c8hpdoSQbQFsrF1W/h84IrV7mMpH8zQW4jQwS:fOlx4kk9HKda4YJoSiQi4kVdcQzjkP
Score

10^/10

urelas discovery trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojanupx

© 2018-2025

Terms | Privacy