Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

db2dae2c9d...cs.exe

windows7-x64

10

db2dae2c9d...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db2dae2c9dcb4e0ca11c4954d2ac6210_NeikiAnalytics

  • Size

    430KB

  • Sample

    240510-n953wsgf95

  • MD5

    db2dae2c9dcb4e0ca11c4954d2ac6210

  • SHA1

    0af265bc32c5e04bf672c5214b7336a45e5f610d

  • SHA256

    604e4873305c29b900ad2f6307726dde665a69c54bcb00df0c4b82403f098205

  • SHA512

    866e2ff535549ebd89df3812eca77a6d418f6e45ab0ab2c7c34f72e6cc5c7941929858d9099cd212bcae625a97414d62b5deda817d81a46a00970ac90d35754d

  • SSDEEP

    6144:BKbwhNxUjDVMytD2NkWuRk/oBmodd+sAaTmQo2fkKmC:4ANxU3VH1t19MsAlpXw

Score
10/10
urelasaspackv2trojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      db2dae2c9dcb4e0ca11c4954d2ac6210_NeikiAnalytics

    • Size

      430KB

    • MD5

      db2dae2c9dcb4e0ca11c4954d2ac6210

    • SHA1

      0af265bc32c5e04bf672c5214b7336a45e5f610d

    • SHA256

      604e4873305c29b900ad2f6307726dde665a69c54bcb00df0c4b82403f098205

    • SHA512

      866e2ff535549ebd89df3812eca77a6d418f6e45ab0ab2c7c34f72e6cc5c7941929858d9099cd212bcae625a97414d62b5deda817d81a46a00970ac90d35754d

    • SSDEEP

      6144:BKbwhNxUjDVMytD2NkWuRk/oBmodd+sAaTmQo2fkKmC:4ANxU3VH1t19MsAlpXw

    Score
    10/10
    urelasaspackv2trojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks