urelas | 4dbe1d196715a865ee5a48719db10c33848f316f6ddbe4b4b92d21ed0caac0ae | Triage

Sharing

General

Target

2025-04-04_ab53a90830d25f4915fbebf749956b38_amadey_rhadamanthys_smoke-loader
Size

440KB
Sample

250404-glykks1vc1
MD5

ab53a90830d25f4915fbebf749956b38
SHA1

b1a5923946445a191606695af0891f5006732678
SHA256

4dbe1d196715a865ee5a48719db10c33848f316f6ddbe4b4b92d21ed0caac0ae
SHA512

51c095a21ed82894e1eea8077cdaddcaa09b48c7ddb84c7194795d22ded1019abc8b8276376edffdd179d98a5c79e7b30895f28fe6e82a6a429bb045b997c800
SSDEEP

6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpj7:oMpASIcWYx2U6hAJQnm

Score

10^/10

urelas discovery trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  2025-04-04_ab53a90830d25f4915fbebf749956b38_amadey_rhadamanthys_smoke-loader
- Size
  
  440KB
- MD5
  
  ab53a90830d25f4915fbebf749956b38
- SHA1
  
  b1a5923946445a191606695af0891f5006732678
- SHA256
  
  4dbe1d196715a865ee5a48719db10c33848f316f6ddbe4b4b92d21ed0caac0ae
- SHA512
  
  51c095a21ed82894e1eea8077cdaddcaa09b48c7ddb84c7194795d22ded1019abc8b8276376edffdd179d98a5c79e7b30895f28fe6e82a6a429bb045b997c800
- SSDEEP
  
  6144:oEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpj7:oMpASIcWYx2U6hAJQnm
Score

10^/10

urelas discovery trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Urelas family
  urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

urelasdiscoverytrojan