General

  • Target

    NEAS.e3fefcba5a3db158d0bf494df1a80cf0.exe

  • Size

    424KB

  • Sample

    231105-3l1wlaed9t

  • MD5

    e3fefcba5a3db158d0bf494df1a80cf0

  • SHA1

    ff90099b08b134a55bc39970c4f3952d32ca501f

  • SHA256

    86cc68de2266eaf0560de17db6ecb6b709def9c57ce97d02e5bc0b29ac3d1757

  • SHA512

    520200330946490715abf5fae7d73d934a812f759e89633dab8b7561091b597fd27dd20d5b2d3d88aba7439255073989522da6946b33f7d679bfa1420e86dccc

  • SSDEEP

    6144:to3wRi+1Py3V0a2WkQ6P9N2Y/Op9eXQ6fU//BFuHt07Vx9Ulw:w6f1PyKa2u6P9N2y3U/mHyUw

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.165

218.54.31.226

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
