Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    069aa0e3df9c8016e4f601aa09dad6c0_NeikiAnalytics

  • Size

    468KB

  • Sample

    240511-qaspmabh48

  • MD5

    069aa0e3df9c8016e4f601aa09dad6c0

  • SHA1

    e96a79c1d02a145afaf0be07561907ddc191ca0d

  • SHA256

    e7c54961d58e2bc9c6da716cec5cb4d8336437c9cc15901ee8e3f7a23666f744

  • SHA512

    0b262ed6b5138ff0abbab16b6af274b2ff8c0955fa45baf641f72ba43d4144b008720caf14e144e6345e70f88f112a421c5b16df47abdfe11c0dcbb86f70739b

  • SSDEEP

    6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhVOpdFRdmY:LMpASIcWYx2U6hAJVG

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      069aa0e3df9c8016e4f601aa09dad6c0_NeikiAnalytics

    • Size

      468KB

    • MD5

      069aa0e3df9c8016e4f601aa09dad6c0

    • SHA1

      e96a79c1d02a145afaf0be07561907ddc191ca0d

    • SHA256

      e7c54961d58e2bc9c6da716cec5cb4d8336437c9cc15901ee8e3f7a23666f744

    • SHA512

      0b262ed6b5138ff0abbab16b6af274b2ff8c0955fa45baf641f72ba43d4144b008720caf14e144e6345e70f88f112a421c5b16df47abdfe11c0dcbb86f70739b

    • SSDEEP

      6144:LEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhVOpdFRdmY:LMpASIcWYx2U6hAJVG

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks