General

  • Target

    6b500846eacd59046fa9c79fce718770_NeikiAnalytics.exe

  • Size

    6.5MB

  • Sample

    240526-fl152age48

  • MD5

    6b500846eacd59046fa9c79fce718770

  • SHA1

    357713319a8d77551edb23c85a29fd881cf29339

  • SHA256

    144113097b9b329d148501a7be994c4e4b2eb0c5f8aa197e5e58b99f7154293b

  • SHA512

    3b3f2b33181c64be3976815fdf84396e037773c0b470482866496d5a08e576cbf3551c337bceca9d74e73e7bae79ba68d6ac274b2e59c04f1c8dddbb4560a3c7

  • SSDEEP

    98304:Roc5swrA2XGxlHKcjTjNk3o659yrnfKtDrKIAyyks+Ctf8mQZVSv:i0LrA2kHKQHNk3og9unipQyOaOv

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.165

218.54.31.226

Targets

    • Target

      6b500846eacd59046fa9c79fce718770_NeikiAnalytics.exe

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
