urelas | 2c23cab9e2722ddcc9ea7c78f630ed177cbcda9dd71da2d3d524e5864e9ce2ff | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

NEAS.d171f...JC.exe

windows7-x64

NEAS.d171f...JC.exe

windows10-2004-x64

Sharing

General

Target

NEAS.d171f74d11f49784f4ab635173f33950_JC.exe
Size

450KB
Sample

231105-v8emwabd68
MD5

d171f74d11f49784f4ab635173f33950
SHA1

8e719a662e0a60d3cd34e05e3de6b5be7176ab90
SHA256

2c23cab9e2722ddcc9ea7c78f630ed177cbcda9dd71da2d3d524e5864e9ce2ff
SHA512

6be38cb72a086741cc55c330975b75abbdad0629659802bcc89f5c89d2855982030c2673f8891de4cbfd52919fe9e46eabd91ecf77becc47f669594f19164f11
SSDEEP

6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoN:PMpASIcWYx2U6hAJQnx

Score

10^/10

urelas trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

Resource

win7-20231020-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

- Target
  
  NEAS.d171f74d11f49784f4ab635173f33950_JC.exe
- Size
  
  450KB
- MD5
  
  d171f74d11f49784f4ab635173f33950
- SHA1
  
  8e719a662e0a60d3cd34e05e3de6b5be7176ab90
- SHA256
  
  2c23cab9e2722ddcc9ea7c78f630ed177cbcda9dd71da2d3d524e5864e9ce2ff
- SHA512
  
  6be38cb72a086741cc55c330975b75abbdad0629659802bcc89f5c89d2855982030c2673f8891de4cbfd52919fe9e46eabd91ecf77becc47f669594f19164f11
- SSDEEP
  
  6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoN:PMpASIcWYx2U6hAJQnx
Score

10^/10

urelas trojan
- Urelas
  Urelas is a trojan targeting card games.
  trojan urelas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.