Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

NEAS.e0364...JC.exe

windows7-x64

10

NEAS.e0364...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e03641b70bd4717d8b523aaefedf73bb_JC.exe

  • Size

    334KB

  • Sample

    231009-vppzhaeh4s

  • MD5

    e03641b70bd4717d8b523aaefedf73bb

  • SHA1

    ca8776736a7bd77b6d8fc84dcde0b9c8ff1debda

  • SHA256

    b4023aa399dd4f730da4f450b76e18f828aaf8d3c278bed74324907fad536335

  • SHA512

    3f97f92b9025458560c9f95f141a5218633df95bfd601102c14814a19f17c12156a5072f670f2a950f53cb52fd6b7e5828568eb4f56e70d04886156ea43258c2

  • SSDEEP

    3072:NdXi+V5Kgxpdxj8gbib20xTyst542t8ZHWBow8+zoB91wDQgJl0x2AEMenKbZisT:Nd7rpL43btmQ58Z27zw39gY2FeZh7

Score
10/10
urelasaspackv2trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      NEAS.e03641b70bd4717d8b523aaefedf73bb_JC.exe

    • Size

      334KB

    • MD5

      e03641b70bd4717d8b523aaefedf73bb

    • SHA1

      ca8776736a7bd77b6d8fc84dcde0b9c8ff1debda

    • SHA256

      b4023aa399dd4f730da4f450b76e18f828aaf8d3c278bed74324907fad536335

    • SHA512

      3f97f92b9025458560c9f95f141a5218633df95bfd601102c14814a19f17c12156a5072f670f2a950f53cb52fd6b7e5828568eb4f56e70d04886156ea43258c2

    • SSDEEP

      3072:NdXi+V5Kgxpdxj8gbib20xTyst542t8ZHWBow8+zoB91wDQgJl0x2AEMenKbZisT:Nd7rpL43btmQ58Z27zw39gY2FeZh7

    Score
    10/10
    urelasaspackv2trojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks