Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

217e40a87a...JC.exe

windows7-x64

10

217e40a87a...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    217e40a87a7b58f96a71855d84417be0_exe32_JC.exe

  • Size

    454KB

  • Sample

    231015-w2s3cscc22

  • MD5

    217e40a87a7b58f96a71855d84417be0

  • SHA1

    a6f57e4840b0f13ba6ea9e93cca756b51b017106

  • SHA256

    d6151a74dfd8cf801fd50d64b55f7cbb460de07ab075aceb19293c6654dc02c4

  • SHA512

    f9d67a98bb4d934d7ccc4ed9e0b46ea5bfc4c2b88e53e0813355380c5a32ac707dc586567c2e714c12f9df914948f1767b5a277d12c925d7c013ddf06652838c

  • SSDEEP

    6144:CEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFb:CMpASIcWYx2U6hAJQn6

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      217e40a87a7b58f96a71855d84417be0_exe32_JC.exe

    • Size

      454KB

    • MD5

      217e40a87a7b58f96a71855d84417be0

    • SHA1

      a6f57e4840b0f13ba6ea9e93cca756b51b017106

    • SHA256

      d6151a74dfd8cf801fd50d64b55f7cbb460de07ab075aceb19293c6654dc02c4

    • SHA512

      f9d67a98bb4d934d7ccc4ed9e0b46ea5bfc4c2b88e53e0813355380c5a32ac707dc586567c2e714c12f9df914948f1767b5a277d12c925d7c013ddf06652838c

    • SSDEEP

      6144:CEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpdFb:CMpASIcWYx2U6hAJQn6

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks