Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

506a4b2f07...0N.exe

windows7-x64

10

506a4b2f07...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    506a4b2f07b85042d59325b112bf3fc0N.exe

  • Size

    67KB

  • Sample

    240803-fe95cstemj

  • MD5

    506a4b2f07b85042d59325b112bf3fc0

  • SHA1

    25a268da263c487b091a4eacc8d3981a609ba4f0

  • SHA256

    533cc19bd9b2b2bd5db03316d8a7e486f03c5c4b697887b33f1b691b37925d35

  • SHA512

    a8795aead64626f92a8a135cf79565561461cedf09071f5e95c5c4b1a3532bd3333059a2c611ad580be43e41c2d14d80183d6b514a3679aeeb30a966232ca81e

  • SSDEEP

    1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPe9:l//AjMp+u2onejH2Pe9

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.47.76

218.54.47.77

218.54.47.74

Targets

    • Target

      506a4b2f07b85042d59325b112bf3fc0N.exe

    • Size

      67KB

    • MD5

      506a4b2f07b85042d59325b112bf3fc0

    • SHA1

      25a268da263c487b091a4eacc8d3981a609ba4f0

    • SHA256

      533cc19bd9b2b2bd5db03316d8a7e486f03c5c4b697887b33f1b691b37925d35

    • SHA512

      a8795aead64626f92a8a135cf79565561461cedf09071f5e95c5c4b1a3532bd3333059a2c611ad580be43e41c2d14d80183d6b514a3679aeeb30a966232ca81e

    • SSDEEP

      1536:04/WgLAjdZsp+uChoLnDeoqYAJjvLFymnHsPe9:l//AjMp+u2onejH2Pe9

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks