urelas | c17f935c7a26f36ed26ffe807033054469869841ce7ca49ff08104f7f6f7cce3 | Triage

Sharing

General

Target

2025-04-04_40c30e9a08fa24da8610a9def50e51bd_amadey_smoke-loader
Size

790KB
Sample

250404-frt9nszygt
MD5

40c30e9a08fa24da8610a9def50e51bd
SHA1

afbcb07801aca53750b920e191a5a910fa76de0f
SHA256

c17f935c7a26f36ed26ffe807033054469869841ce7ca49ff08104f7f6f7cce3
SHA512

6b2e8530a90fab68e2b7fe9796c7518409841c16a2ca84179124542ca6178174ab716099cb0916d5b14a05d523fea13b18e8516ad6cb4f2a62cefc3fc9d63720
SSDEEP

12288:dccNvdRExZGe+Q1nzPAlDqfJZTvfTRTWkI42gqmoWkI094og2GXfJKnbkS3LdAPp:dnPfQpzyD8ZTn8kZ2gqAkI094vOkSCLl

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

- Target
  
  2025-04-04_40c30e9a08fa24da8610a9def50e51bd_amadey_smoke-loader
- Size
  
  790KB
- MD5
  
  40c30e9a08fa24da8610a9def50e51bd
- SHA1
  
  afbcb07801aca53750b920e191a5a910fa76de0f
- SHA256
  
  c17f935c7a26f36ed26ffe807033054469869841ce7ca49ff08104f7f6f7cce3
- SHA512
  
  6b2e8530a90fab68e2b7fe9796c7518409841c16a2ca84179124542ca6178174ab716099cb0916d5b14a05d523fea13b18e8516ad6cb4f2a62cefc3fc9d63720
- SSDEEP
  
  12288:dccNvdRExZGe+Q1nzPAlDqfJZTvfTRTWkI42gqmoWkI094og2GXfJKnbkS3LdAPp:dnPfQpzyD8ZTn8kZ2gqAkI094vOkSCLl
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan