General

  • Target

    NEAS.1baaf4bfd7943e427e3d0e472f4119d0_JC.exe

  • Size

    76KB

  • Sample

    231011-wdvlaacg4w

  • MD5

    1baaf4bfd7943e427e3d0e472f4119d0

  • SHA1

    8f174f4f282f43af4758454fd46e0427be90c6fa

  • SHA256

    9a4c4098645829ae3b5f7830fedd58798ebbf96f0173c90031de1a0d943340d4

  • SHA512

    45c6d9efb75c2dbde50298660135a9bcfa57023873f12388f47c1faa1a65145eed319daf80b7dec82a524439d840d65194c1ab104e296cbffad22c21dec6e8cb

  • SSDEEP

    1536:jIr3YriYiUi+H++o1eVlXd+8c0GXmvJJNHjLwl50fPGX:jyYti0pXd+8c0GWvJ3Hvwl5l

Score
10/10

Malware Config

Extracted

Family

urelas

C2

112.175.88.207

112.175.88.208

Targets

    • Target

      NEAS.1baaf4bfd7943e427e3d0e472f4119d0_JC.exe

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
