General

  • Target

    cfa5620c309466a0e1df45188c09e3f4_JaffaCakes118

  • Size

    517KB

  • Sample

    241206-3tqetsvjbw

  • MD5

    cfa5620c309466a0e1df45188c09e3f4

  • SHA1

    f80f69c798695a8460fd701a8e5819dea02b5d75

  • SHA256

    4e51ae51b6b04aef6bfead49ef8da26e5387fc159cb07e4139c10b7b2d734afc

  • SHA512

    4d493fd5524877e70a0b39657ba0d67ca547e1d65f5d3a5fdfc3cb09a420799e7ffc3036577bac30e0c377a48142e694b804c9b8353e3810ce5824b79f24ea78

  • SSDEEP

    12288:AyPHijVSuJqu4kwaeDPvjJ81VGqK6GvPR:AuCTq4waor+Gnp

Score
10/10

Malware Config

Extracted

Family

urelas

C2

1.234.83.146

133.242.129.155

218.54.31.226

218.54.31.165

Targets

    • Target

      cfa5620c309466a0e1df45188c09e3f4_JaffaCakes118

    • Urelas

      Urelas is a trojan targeting card games.

    • Urelas family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
