General

  • Target

    NEAS.93977855e03dddef70cbf66b16c6be10.exe

  • Size

    465KB

  • Sample

    231016-w41j8ahh72

  • MD5

    93977855e03dddef70cbf66b16c6be10

  • SHA1

    6c30aaf76da7bd5be3120a41977300a6068e8a9d

  • SHA256

    0b9a8a57f5f9b7a2bd41a12ddb854ee1b534c19f04ea83196682c2a85362ddaf

  • SHA512

    0d185f45b996e6a641970235b4cfeaaa0f96d795db7f5a61785b75eb2d7ace80f14b942ef479f98b99b44eb093bc1b8c0187502735cc854af244c933a04a2b39

  • SSDEEP

    6144:k9H4y9VOpL/DeRRoSGFPRuDYBzFrY5dRA2AkCMnZi6c/2AS9kFwJARejm7m:kZF9VOpnqoSG1EcBhs9xAkLZMomm

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

218.54.30.235

Targets

    • Target

      NEAS.93977855e03dddef70cbf66b16c6be10.exe

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
