Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5e3736dc1510bb7d1150de43e8765282_JaffaCakes118
-
Size
494KB
-
Sample
241019-xxdmjstana
-
MD5
5e3736dc1510bb7d1150de43e8765282
-
SHA1
0691a3c82929a3b66bcd7dbc00408aa50914511c
-
SHA256
a54eea8a4dddc7f36ad25928c63c03871aff5f56c6033ca9f300fcadf0a63f25
-
SHA512
b1f1312c2292859b23469b62c7bf7809cc8f64c6aa9f17db3af78061ed6d6ddbca9939a24b17f49c68f6ed387dd2279a6748c32f4609709a3ff305182a074bb4
-
SSDEEP
6144:NKLOgsgomKLEFESGz0SPpeEPkPDPrzgtRY5RdrHc13FG9ItU6GvPwI:AOgwmisETzuaeDPvjJ81VGqK6GvPB
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.31.165
Targets
-
-
Target
5e3736dc1510bb7d1150de43e8765282_JaffaCakes118
-
Size
494KB
-
MD5
5e3736dc1510bb7d1150de43e8765282
-
SHA1
0691a3c82929a3b66bcd7dbc00408aa50914511c
-
SHA256
a54eea8a4dddc7f36ad25928c63c03871aff5f56c6033ca9f300fcadf0a63f25
-
SHA512
b1f1312c2292859b23469b62c7bf7809cc8f64c6aa9f17db3af78061ed6d6ddbca9939a24b17f49c68f6ed387dd2279a6748c32f4609709a3ff305182a074bb4
-
SSDEEP
6144:NKLOgsgomKLEFESGz0SPpeEPkPDPrzgtRY5RdrHc13FG9ItU6GvPwI:AOgwmisETzuaeDPvjJ81VGqK6GvPB
Score10/10-
Urelas
Urelas is a trojan targeting card games.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-