Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

7dc65d9c94...bd.exe

windows7-x64

10

7dc65d9c94...bd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7dc65d9c94107d44f11243b4ab87a10a4240197f3e43290df5ee3eee17c67bbd

  • Size

    324KB

  • Sample

    241018-3tkvcavcmc

  • MD5

    ab6d9878df743508071fd9e3955838ab

  • SHA1

    96c1199c5fd42a27bb48670747a2b5e11c93236b

  • SHA256

    7dc65d9c94107d44f11243b4ab87a10a4240197f3e43290df5ee3eee17c67bbd

  • SHA512

    580119508f096725ea7916d7d7b3560ae69e18cbb3f9ac4ae1db17151f03d8fc5ce5414664b321af2456b350d9186eba0a15d273da9c4d35b7090e0a81b5e2b1

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYO:vHW138/iXWlK885rKlGSekcj66ciH

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      7dc65d9c94107d44f11243b4ab87a10a4240197f3e43290df5ee3eee17c67bbd

    • Size

      324KB

    • MD5

      ab6d9878df743508071fd9e3955838ab

    • SHA1

      96c1199c5fd42a27bb48670747a2b5e11c93236b

    • SHA256

      7dc65d9c94107d44f11243b4ab87a10a4240197f3e43290df5ee3eee17c67bbd

    • SHA512

      580119508f096725ea7916d7d7b3560ae69e18cbb3f9ac4ae1db17151f03d8fc5ce5414664b321af2456b350d9186eba0a15d273da9c4d35b7090e0a81b5e2b1

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYO:vHW138/iXWlK885rKlGSekcj66ciH

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks