Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

4a8d0c6920...dd.exe

windows7-x64

10

4a8d0c6920...dd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4a8d0c692042fcace23a8b9461050ddd

  • Size

    328KB

  • Sample

    240409-2eh7jaeh63

  • MD5

    4a8d0c692042fcace23a8b9461050ddd

  • SHA1

    b9eb6d038650d33fe9553d4e692e25088113d91f

  • SHA256

    d6d1d6fe4be85a2b54ca97dcb642c53011e5b507eeb13f5c27cfa3c2aa751103

  • SHA512

    f51092c252afb5844b3e7ba4b98aeb7e329a7e05a63504a8e627d3ce2717e9edf73a5e8c218b28d11af5d32a1996e54512588688fa8ddbf29549ec656299f473

  • SSDEEP

    6144:wObaeY8zPekKKH/hT8PVdkLHtA3nPER5oSHzZ4NyM:wOb/KKH/hT8PVdkJA3uoSir

Score
10/10
urelastrojanupx

Malware Config

Extracted

Family

urelas

C2

121.88.5.184

121.88.5.183

218.54.30.235

218.54.28.139

Targets

    • Target

      4a8d0c692042fcace23a8b9461050ddd

    • Size

      328KB

    • MD5

      4a8d0c692042fcace23a8b9461050ddd

    • SHA1

      b9eb6d038650d33fe9553d4e692e25088113d91f

    • SHA256

      d6d1d6fe4be85a2b54ca97dcb642c53011e5b507eeb13f5c27cfa3c2aa751103

    • SHA512

      f51092c252afb5844b3e7ba4b98aeb7e329a7e05a63504a8e627d3ce2717e9edf73a5e8c218b28d11af5d32a1996e54512588688fa8ddbf29549ec656299f473

    • SSDEEP

      6144:wObaeY8zPekKKH/hT8PVdkLHtA3nPER5oSHzZ4NyM:wOb/KKH/hT8PVdkJA3uoSir

    Score
    10/10
    urelastrojanupx

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks