urelas | ac47050eb8e0bb2e70212d6f6e33fa05eb47439e0871bc23ad77aa7b749d7810 | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-03...er.exe

windows10-2004-x64

Sharing

General

Target

2025-04-03_bbba67b38a348eaed7e7f84661a379e8_amadey_smoke-loader
Size

516KB
Sample

250403-j1qvdssyb1
MD5

bbba67b38a348eaed7e7f84661a379e8
SHA1

fd6fa49f7f8cfa5ad431a7c0c8547a66168eaa5d
SHA256

ac47050eb8e0bb2e70212d6f6e33fa05eb47439e0871bc23ad77aa7b749d7810
SHA512

fcc689683f63ed2092421994515f2f24704b3e403612ad48ccb13a14806dcd18846e896eee34cbcac03319bbc2b9fe02876e24fb3c1c28a9505c8a68133f359e
SSDEEP

12288:c2PxDgZo3ijniealtYDG7MzZSHJcvEj8dmoS2us:c2SLi7LT7Mifje

Score

10^/10

urelas discovery trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-04-03_bbba67b38a348eaed7e7f84661a379e8_amadey_smoke-loader.exe

Resource

win10v2004-20250314-en

urelas discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  2025-04-03_bbba67b38a348eaed7e7f84661a379e8_amadey_smoke-loader
- Size
  
  516KB
- MD5
  
  bbba67b38a348eaed7e7f84661a379e8
- SHA1
  
  fd6fa49f7f8cfa5ad431a7c0c8547a66168eaa5d
- SHA256
  
  ac47050eb8e0bb2e70212d6f6e33fa05eb47439e0871bc23ad77aa7b749d7810
- SHA512
  
  fcc689683f63ed2092421994515f2f24704b3e403612ad48ccb13a14806dcd18846e896eee34cbcac03319bbc2b9fe02876e24fb3c1c28a9505c8a68133f359e
- SSDEEP
  
  12288:c2PxDgZo3ijniealtYDG7MzZSHJcvEj8dmoS2us:c2SLi7LT7Mifje
Score

10^/10

urelas discovery trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojanupx

© 2018-2025

Terms | Privacy