General

  • Target

    NEAS.ea28e4e279da969adaa2d55040bf79c8_JC.exe

  • Size

    170KB

  • Sample

    231010-y6rffahb8x

  • MD5

    ea28e4e279da969adaa2d55040bf79c8

  • SHA1

    2a9131e3acbdb853480c29f85b60e20623e96dc6

  • SHA256

    9711852bf7fcd819124f68a006c160702fe1e2c7360a0ba19a84f4123e5cc698

  • SHA512

    bd794ad16e300129174eb8d835808863c2460a6396dc01a76d8260e5a06f82433694582a4cefc18dcd3296dc60b930cb39daab1e0803e881901de5505f846077

  • SSDEEP

    1536:eADA0Wbt1931D2P7BWLQ4zR4LUKMcPHFE3HP/GTW65CGEgvpxyTf+:eADA0Wc7UJ6LZMaHLW65DE8pxWW

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

    • Target

      NEAS.ea28e4e279da969adaa2d55040bf79c8_JC.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
