General

  • Target

    697e6c37318a960d3ee858311962c010_NeikiAnalytics

  • Size

    7.0MB

  • Sample

    240510-et4epadf69

  • MD5

    697e6c37318a960d3ee858311962c010

  • SHA1

    31c60c71c98c6d0f1d4b4b1d8ebecb98c28b6e02

  • SHA256

    1ccb9551382b0b17cf14cc9795a2b8c2b960431ed355d9ae6c9ca6d9127b5804

  • SHA512

    57544fe94cef5951f14cee05f34ec9608f86a6164a4cb6af6e293a11fc2ce9372fb1688fd28d11bf2d7f530a69ddba00944dc8dc1ca47655298ee753605aaaed

  • SSDEEP

    98304:qIyb6Q+yEnrhQ7aiFQzuz9WqBS4MN+5GxjupWPcYHeCkoTGfLy2dxLb+bCm/KpV8:JbByYBrwWqJDOypxYHeZoOnL0iVsUXS1

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      697e6c37318a960d3ee858311962c010_NeikiAnalytics

    • Urelas

      Urelas is a trojan targeting card games.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
