urelas | a78d8d25db8bcadb54f4d251bd121d66c16e90847c9314ffc9cdfb95337b3308 | Triage

Submit
Reports

Overview

overview

Static

static

2025-04-03...er.exe

windows10-2004-x64

Sharing

General

Target

2025-04-03_c7ff8e6487123fbb371b360f82d7415f_amadey_smoke-loader
Size

480KB
Sample

250403-w3hysa1zcz
MD5

c7ff8e6487123fbb371b360f82d7415f
SHA1

dd4da90cdd7a667ccff3d3396b9b41f2c805b733
SHA256

a78d8d25db8bcadb54f4d251bd121d66c16e90847c9314ffc9cdfb95337b3308
SHA512

09002f2c8d8032d7cef6dfbc3fb006f91e0de71a14313c1b7c1067731be850105cb72533c028ad8c0cb222cf5d75314c871d55432713ad1c31a960740305565f
SSDEEP

6144:wqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpVOf:TQRI/3w36EnCYcFE/iydJai/WZtc

Score

10^/10

urelas discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2025-04-03_c7ff8e6487123fbb371b360f82d7415f_amadey_smoke-loader.exe

Resource

win10v2004-20250314-en

urelas discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.30.235

218.54.31.165

Targets

- Target
  
  2025-04-03_c7ff8e6487123fbb371b360f82d7415f_amadey_smoke-loader
- Size
  
  480KB
- MD5
  
  c7ff8e6487123fbb371b360f82d7415f
- SHA1
  
  dd4da90cdd7a667ccff3d3396b9b41f2c805b733
- SHA256
  
  a78d8d25db8bcadb54f4d251bd121d66c16e90847c9314ffc9cdfb95337b3308
- SHA512
  
  09002f2c8d8032d7cef6dfbc3fb006f91e0de71a14313c1b7c1067731be850105cb72533c028ad8c0cb222cf5d75314c871d55432713ad1c31a960740305565f
- SSDEEP
  
  6144:wqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpVOf:TQRI/3w36EnCYcFE/iydJai/WZtc
Score

10^/10

urelas discovery trojan upx
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojanupx

© 2018-2025

Terms | Privacy