urelas | 80cb2dc2776d228c7d9229c6ac22278bbda0eb57978d164188bf1328ef18c12b | Triage

Sharing

General

Target

2025-04-04_0958b2bb6a1678f7316b19c706d80325_amadey_rhadamanthys_smoke-loader
Size

461KB
Sample

250404-f62bjaz1ey
MD5

0958b2bb6a1678f7316b19c706d80325
SHA1

a59ce8ead8e60c1fdd17e401d84c227ad4dec36d
SHA256

80cb2dc2776d228c7d9229c6ac22278bbda0eb57978d164188bf1328ef18c12b
SHA512

1a480c4b637375ea3c112964089253f28a40c1feb47e91163a56bba397dad5639e381fdcdacea6d43e8b210c5c23a5859e276347799b5751ab597caeaae7c296
SSDEEP

6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFRdm/:LMpASIcWYx2U6hAJQnZ

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  2025-04-04_0958b2bb6a1678f7316b19c706d80325_amadey_rhadamanthys_smoke-loader
- Size
  
  461KB
- MD5
  
  0958b2bb6a1678f7316b19c706d80325
- SHA1
  
  a59ce8ead8e60c1fdd17e401d84c227ad4dec36d
- SHA256
  
  80cb2dc2776d228c7d9229c6ac22278bbda0eb57978d164188bf1328ef18c12b
- SHA512
  
  1a480c4b637375ea3c112964089253f28a40c1feb47e91163a56bba397dad5639e381fdcdacea6d43e8b210c5c23a5859e276347799b5751ab597caeaae7c296
- SSDEEP
  
  6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFRdm/:LMpASIcWYx2U6hAJQnZ
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan