
General

  • Target

    NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

  • Size

    450KB

  • Sample

    231105-v8emwabd68

  • MD5

    d171f74d11f49784f4ab635173f33950

  • SHA1

    8e719a662e0a60d3cd34e05e3de6b5be7176ab90

  • SHA256

    2c23cab9e2722ddcc9ea7c78f630ed177cbcda9dd71da2d3d524e5864e9ce2ff

  • SHA512

    6be38cb72a086741cc55c330975b75abbdad0629659802bcc89f5c89d2855982030c2673f8891de4cbfd52919fe9e46eabd91ecf77becc47f669594f19164f11

  • SSDEEP

    6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpoN:PMpASIcWYx2U6hAJQnx

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      NEAS.d171f74d11f49784f4ab635173f33950_JC.exe

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
