Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4790440ba0e67149cff353930fb72ac7

  • Size

    535KB

  • Sample

    231226-a69p1shdb8

  • MD5

    4790440ba0e67149cff353930fb72ac7

  • SHA1

    8124005da70ff24dbc969f0b85b81ee741727676

  • SHA256

    b7f9d23a79a3584615b96aad5335707ca944ac2306c1c9d5558abd91bcb9d1ec

  • SHA512

    1a4672d90139b23328714192e5522fde6d4f5cc89d8671200112f7266889ca625637412de77007d0ba5779f0e08d6a4f2e97e294ef88d9b1b448f164bdfb2af1

  • SSDEEP

    12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NP6:q0P/k4lb2wKat6

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      4790440ba0e67149cff353930fb72ac7

    • Size

      535KB

    • MD5

      4790440ba0e67149cff353930fb72ac7

    • SHA1

      8124005da70ff24dbc969f0b85b81ee741727676

    • SHA256

      b7f9d23a79a3584615b96aad5335707ca944ac2306c1c9d5558abd91bcb9d1ec

    • SHA512

      1a4672d90139b23328714192e5522fde6d4f5cc89d8671200112f7266889ca625637412de77007d0ba5779f0e08d6a4f2e97e294ef88d9b1b448f164bdfb2af1

    • SSDEEP

      12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NP6:q0P/k4lb2wKat6

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks