Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a5dcef0539...a4.exe

windows7-x64

10

a5dcef0539...a4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5dcef05390011cec11500cf04cf823843f69f7bab0b0124d9ddf021d885daa4.exe

  • Size

    336KB

  • Sample

    241206-znwg4ssrdr

  • MD5

    b45c2b558660b3980a3d28bd0a3e5d3d

  • SHA1

    83c94266393e4acbac9c18e91a650ae358a78f99

  • SHA256

    a5dcef05390011cec11500cf04cf823843f69f7bab0b0124d9ddf021d885daa4

  • SHA512

    6f53de692a3fcbaa8146411787f6654f1d6b64ba239f18a6cd1e132a75a3950c64f229dbe8ef7716f002877032de7d903dd84b63bd1ea4bd0e7174420f3b4774

  • SSDEEP

    6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYvRQ:vHW138/iXWlK885rKlGSekcj66ci2i

Score
10/10
urelasdiscoverytrojan

Malware Config

Extracted

Family

urelas

C2

218.54.31.226

218.54.31.165

218.54.31.166

Targets

    • Target

      a5dcef05390011cec11500cf04cf823843f69f7bab0b0124d9ddf021d885daa4.exe

    • Size

      336KB

    • MD5

      b45c2b558660b3980a3d28bd0a3e5d3d

    • SHA1

      83c94266393e4acbac9c18e91a650ae358a78f99

    • SHA256

      a5dcef05390011cec11500cf04cf823843f69f7bab0b0124d9ddf021d885daa4

    • SHA512

      6f53de692a3fcbaa8146411787f6654f1d6b64ba239f18a6cd1e132a75a3950c64f229dbe8ef7716f002877032de7d903dd84b63bd1ea4bd0e7174420f3b4774

    • SSDEEP

      6144:nvHWrZ+i8/iYiVst4UKVRw8pDrKlGSeNWcx1RsF9gc+XYvRQ:vHW138/iXWlK885rKlGSekcj66ci2i

    Score
    10/10
    urelasdiscoverytrojan

    • Urelas

      Urelas is a trojan targeting card games.

      trojanurelas

    • Urelas family

      urelas

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks