General

  • Target

    6399522a68a3cf170c13bdabc13e4060_NeikiAnalytics

  • Size

    428KB

  • Sample

    240510-ee6aqsce96

  • MD5

    6399522a68a3cf170c13bdabc13e4060

  • SHA1

    cfa320c03c89680f710197d394ca81959ad1baea

  • SHA256

    54c1e1a863882f3f9d9a755415cdde3a677798bba9bb52e6da2b66383cd4f1f6

  • SHA512

    64a05971ff823fc6aa3c5a835cbcafe06de6f7b7f36e274500a7cc19c1d89d334cd1deb60c0aab2370de9115fa7e5d5b21254231d53f243b24b8961bd577aa9b

  • SSDEEP

    6144:BKbwhNxUjDVMytD2NkWuRk/oBmodd+sAaTmQo2fkKV:4ANxU3VH1t19MsAlpXO

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
