General

  • Target

    NEAS.8fbfc597ee04d6b9472abe360d5827f0.exe

  • Size

    331KB

  • Sample

    231014-wpezzada5y

  • MD5

    8fbfc597ee04d6b9472abe360d5827f0

  • SHA1

    eda2059dbd659cba40089d552a031737e25b1408

  • SHA256

    2cd4a2228255be8ca927503ca7cb65eaef592eba2738742e889291dfde872d62

  • SHA512

    b84ea699d581e610457edf746e82da2557726466d5721ee1fe99fff5114c0aec6fb05541cd86552b5a3f9cdb9da295db8552fa0f435d7f788f7aad90f93e6850

  • SSDEEP

    6144:GLtOexihqv4m+lXD6betiTuBMTWjIDIiUBAkW9UOKMOtzWO8CatspdZ:GL1D+IatauBML42MykRak

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      NEAS.8fbfc597ee04d6b9472abe360d5827f0.exe

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
