Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.8258c7d749681951cff040c91ef03340_JC.exe

  • Size

    161KB

  • Sample

    231104-1ew8qahd46

  • MD5

    8258c7d749681951cff040c91ef03340

  • SHA1

    406f9018b418ae80165a586e280e0032a9a28af9

  • SHA256

    9f80dbebf6a0eff41036bdc501002d424e6dd617b678ea6a115a18682a3da42b

  • SHA512

    d0449329b646cdc95d6da96b0336b22b9849111573601c8c8513c8067d631adbd37bb2e1e450b1233afdf377091d317e36208116d38110b1b6e2c8da93bf98ee

  • SSDEEP

    3072:9p56zRJ83+OJ7NoGvdwWy6k04yW/KlQ2C:9OzRWu27dlOd5sk

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      NEAS.8258c7d749681951cff040c91ef03340_JC.exe

    • Size

      161KB

    • MD5

      8258c7d749681951cff040c91ef03340

    • SHA1

      406f9018b418ae80165a586e280e0032a9a28af9

    • SHA256

      9f80dbebf6a0eff41036bdc501002d424e6dd617b678ea6a115a18682a3da42b

    • SHA512

      d0449329b646cdc95d6da96b0336b22b9849111573601c8c8513c8067d631adbd37bb2e1e450b1233afdf377091d317e36208116d38110b1b6e2c8da93bf98ee

    • SSDEEP

      3072:9p56zRJ83+OJ7NoGvdwWy6k04yW/KlQ2C:9OzRWu27dlOd5sk

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks