urelas | ead830b446211821044cc504f4346fe54031304ce67ca6e2f0bddeef3c3f7df1 | Triage

Sharing

General

Target

2025-04-04_adac27f0b6ef5be08ae0a1fd00cfd5d4_amadey_rhadamanthys_smoke-loader
Size

461KB
Sample

250404-gdspcs1sez
MD5

adac27f0b6ef5be08ae0a1fd00cfd5d4
SHA1

34684a7fb6a9a315f68ac31381466941f1c1e9b3
SHA256

ead830b446211821044cc504f4346fe54031304ce67ca6e2f0bddeef3c3f7df1
SHA512

1e15d8c265bb92e77f8468394b06cddb8634ee26e9588e29e157b1217f0b821365107803e77106f6a90d36eec45b8b396d8a7321985c9903495aac1482cf4499
SSDEEP

6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFRdmc:LMpASIcWYx2U6hAJQnS

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  2025-04-04_adac27f0b6ef5be08ae0a1fd00cfd5d4_amadey_rhadamanthys_smoke-loader
- Size
  
  461KB
- MD5
  
  adac27f0b6ef5be08ae0a1fd00cfd5d4
- SHA1
  
  34684a7fb6a9a315f68ac31381466941f1c1e9b3
- SHA256
  
  ead830b446211821044cc504f4346fe54031304ce67ca6e2f0bddeef3c3f7df1
- SHA512
  
  1e15d8c265bb92e77f8468394b06cddb8634ee26e9588e29e157b1217f0b821365107803e77106f6a90d36eec45b8b396d8a7321985c9903495aac1482cf4499
- SSDEEP
  
  6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFRdmc:LMpASIcWYx2U6hAJQnS
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan