General

  • Target

    e7b17b5ec48c22672364714a5c60964b6089c0f5dd133c9bb5b1794ae03ca0bbN

  • Size

    555KB

  • Sample

    240918-zvr39stake

  • MD5

    77cb473575e36fde924b9444f32c5270

  • SHA1

    6e67a34d086a38ed35c6e8ce49d6c930f14df324

  • SHA256

    e7b17b5ec48c22672364714a5c60964b6089c0f5dd133c9bb5b1794ae03ca0bb

  • SHA512

    ce99cc121968eb509739b8d3466915a6068b991750dc67a795f9986a79a13e655a6710bfca609eee9f8a1102480285cc5155c39660d854722f1fb31803586d0d

  • SSDEEP

    12288:++GtVfjTQSaoINAHT1VQ1i3SyQEW85gzlm:+rt4/NArwjs5olm

Score
10/10

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

Targets

    • Target

      e7b17b5ec48c22672364714a5c60964b6089c0f5dd133c9bb5b1794ae03ca0bbN

    Score
    10/10
    • Urelas

      Urelas is a trojan targeting card games.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
