Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

NEAS.a9f57...JC.exe

windows7-x64

10

NEAS.a9f57...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.a9f576a29aa60e35acfc621638239434_JC.exe

  • Size

    418KB

  • Sample

    231008-r9kczadc5s

  • MD5

    a9f576a29aa60e35acfc621638239434

  • SHA1

    3cf23e9c7446c0203c83be7770d42605d6816764

  • SHA256

    019d71fb4d55abe035b657292e0ddd89e3c827b9654337cab1dbd30583320a44

  • SHA512

    82c8269344cc12932afa11d8a2e3cfac3eaf0e854bf9e910d7359d3a052ba7e53b1d8f693413b26cf5fbcc4697854bfda9dc7230ddb649c6e23e77a118979630

  • SSDEEP

    6144:XxiqjFBwbGbGQfkOuuGDblGE2OeMfqP3mOa2cBlBPAsEh:XhjQK3f/utLeMfBnBch

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      NEAS.a9f576a29aa60e35acfc621638239434_JC.exe

    • Size

      418KB

    • MD5

      a9f576a29aa60e35acfc621638239434

    • SHA1

      3cf23e9c7446c0203c83be7770d42605d6816764

    • SHA256

      019d71fb4d55abe035b657292e0ddd89e3c827b9654337cab1dbd30583320a44

    • SHA512

      82c8269344cc12932afa11d8a2e3cfac3eaf0e854bf9e910d7359d3a052ba7e53b1d8f693413b26cf5fbcc4697854bfda9dc7230ddb649c6e23e77a118979630

    • SSDEEP

      6144:XxiqjFBwbGbGQfkOuuGDblGE2OeMfqP3mOa2cBlBPAsEh:XhjQK3f/utLeMfBnBch

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks