General

  • Target

    NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

  • Size

    450KB

  • Sample

    231105-v8emwabd68

  • MD5

    d171f74d11f49784f4ab635173f33950

  • SHA1

    8e719a662e0a60d3cd34e05e3de6b5be7176ab90

  • SHA256

    2c23cab9e2722ddcc9ea7c78f630ed177cbcda9dd71da2d3d524e5864e9ce2ff

  • SHA512

    6be38cb72a086741cc55c330975b75abbdad0629659802bcc89f5c89d2855982030c2673f8891de4cbfd52919fe9e46eabd91ecf77becc47f669594f19164f11

  • SSDEEP

    6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoN:PMpASIcWYx2U6hAJQnx

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
