General

  • Target

    cd0a5b65338d5b8938a2f7746d2b7a1b

  • Size

    1.1MB

  • Sample

    240316-egpqrsdb38

  • MD5

    cd0a5b65338d5b8938a2f7746d2b7a1b

  • SHA1

    6de316020509a70a2de22c15420f4765e1e85cbd

  • SHA256

    fddb13f88b36b3e522df810d59ab1f1af8fdc829d832e39acfe14dfd92d6c07e

  • SHA512

    2dfb93015c8cafa81bdd6eae3280b0af8e03504b92ffe1a0a88bbe427a613d5fccc3a04a46b5c2fe7283e2521a084d1ddc32e04a0ad726e124fe10b988b77287

  • SSDEEP

    12288:tEr6bkpYN2jF7vQZmSohg+k7j6aDG4FuA6lpgTIJcqBZ5YU:tcykpY5852j6aJGl5cqBH

Score
10/10

Malware Config

Extracted

  • Family

    urelas

  • C2

    218.54.31.165

    218.54.31.226

Targets

    • Target

      cd0a5b65338d5b8938a2f7746d2b7a1b

    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
