Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.43356...7a.exe

windows7-x64

10

NEAS.43356...7a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.43356128735747b472d98211f980d57a.exe

  • Size

    124KB

  • Sample

    231117-tmbhnaag47

  • MD5

    43356128735747b472d98211f980d57a

  • SHA1

    ead1956ef510f9ecd8d388b03a518af6de776a5f

  • SHA256

    831a3e29e0a1e5f06c60d956c5cac3d32dfb86d82c5ffa8cf1240e960c64855a

  • SHA512

    7905d04d93c6f57a8fd2f570bb4a8bad26627f98c6330d7e038f2309d00a90a795da9acb57a0db06281ec8273cf7e6eb9d4a8d0b67afc7f24e630132085dcb15

  • SSDEEP

    1536:3C+ltNKIxyDjxxNA6vOOZsBLD/qMJEAhHmRYHE7mqfm0yn:3C+ltUIs9pO9/jj8YKmF

Score
10/10
urelastrojan

Malware Config

Extracted

Family

urelas

C2

112.175.88.208

112.175.88.207

Targets

    • Target

      NEAS.43356128735747b472d98211f980d57a.exe

    • Size

      124KB

    • MD5

      43356128735747b472d98211f980d57a

    • SHA1

      ead1956ef510f9ecd8d388b03a518af6de776a5f

    • SHA256

      831a3e29e0a1e5f06c60d956c5cac3d32dfb86d82c5ffa8cf1240e960c64855a

    • SHA512

      7905d04d93c6f57a8fd2f570bb4a8bad26627f98c6330d7e038f2309d00a90a795da9acb57a0db06281ec8273cf7e6eb9d4a8d0b67afc7f24e630132085dcb15

    • SSDEEP

      1536:3C+ltNKIxyDjxxNA6vOOZsBLD/qMJEAhHmRYHE7mqfm0yn:3C+ltUIs9pO9/jj8YKmF

    Score
    10/10
    urelastrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks