General

  • Target

    3b9583b311fe153554070b0f77bf92db75d32574f1d5b04c24e4b7fd6c80fd16

  • Size

    3.2MB

  • Sample

    221215-17jhbsge4t

  • MD5

    3134faa348233c0c2c5f7146e8ea387d

  • SHA1

    627d62a6afd81815fbc7aa8da0e8dd14746a1517

  • SHA256

    3b9583b311fe153554070b0f77bf92db75d32574f1d5b04c24e4b7fd6c80fd16

  • SHA512

    1ee2592e7d2b8c6eb42a7d00942716da854896a6746e2b1204a04114398b5757baac38c0e17de51e98077ef398e68d170b056c3ae896641710178c300383b68b

  • SSDEEP

    49152:YEgVitS8AHWkdHeagiPbspNqc2Y1hQ4j14CkeHOXaOoo5b:YEgKgWs+vCyNqc2Y1D3H

Score
10/10

Malware Config

Extracted

Family

aurora

C2

193.42.33.157:8081

Targets

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
