General

  • Target

    1c7b51fc42a4cb6f04c7bcad06152d3a

  • Size

    536KB

  • Sample

    231230-zx7lqsbeg6

  • MD5

    1c7b51fc42a4cb6f04c7bcad06152d3a

  • SHA1

    087011b2bdbe8ad0a2486fbb5c0f6817259dc785

  • SHA256

    4644517d2806702549b846419b6535fe1f921619f9d1beed5227b46417e97880

  • SHA512

    54ae9f8dbb6f3d5da6c88edbec1f3608160a6c6ddcba30f55a106d2c59be0f8751f5297bbcaa5e24794ef2e24e4aa593154967838767815cbdf67850d359af45

  • SSDEEP

    12288:q0nPhglq2Uyt4R/b2G/0hznQGoexBU/NPd:q0P/k4lb2wKatd

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
