General

  • Target

    8babe6101d1521de02ba298a97568e37

  • Size

    466KB

  • Sample

    231222-pjnatscbg9

  • MD5

    8babe6101d1521de02ba298a97568e37

  • SHA1

    c850af801d79cace908b20e3008febe5ea8b14a6

  • SHA256

    f6fa648ddfbb82204eea3c91882ea8daeef16273814954fd0df863bc79ff643f

  • SHA512

    295b9994606838abb0fa9f4cd40c139fd796efd66f9034e9adcfba0f24c8245ea08435e78baccd17f7b8937051f2c09ccc0ca123b277aad34ad89c7b1ca98ac7

  • SSDEEP

    12288:93CtSokfFGUMKwlTIU/b37dJ75WEe+eKTxB6mP:9x9GzHlTv/b35tecFB6S

Score
10/10

Malware Config

Extracted

Family

urelas

C2

121.88.5.183

121.88.5.184

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
