c148c449e1f6c4c53a7278090453d935d1ab71c3e8b69511f98993b6057f612d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13469-2022-AURORA-CTI.exe
Size

3.0MB
Sample

221220-m7s5wace4t
MD5

51c153501e991f6ce4901e6d9578d0c8
SHA1

3816f17052b28603855bde3e57db77a8455bdea4
SHA256

c148c449e1f6c4c53a7278090453d935d1ab71c3e8b69511f98993b6057f612d
SHA512

17e0e0cfb098c28c2d52c9c689121a63cbd0c5fc15d1176245489200e251c5f2b43d6eda5a296c4a0617a5e77a239a1d87b67feb9bbcd87f9c62c09d74aec32e
SSDEEP

49152:5L3cO9ce2dDTuCCpr7HFHTAWJeaksL6M8dS148k1:f/2Bor7lHnLd8M

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  13469-2022-AURORA-CTI.exe
- Size
  
  3.0MB
- MD5
  
  51c153501e991f6ce4901e6d9578d0c8
- SHA1
  
  3816f17052b28603855bde3e57db77a8455bdea4
- SHA256
  
  c148c449e1f6c4c53a7278090453d935d1ab71c3e8b69511f98993b6057f612d
- SHA512
  
  17e0e0cfb098c28c2d52c9c689121a63cbd0c5fc15d1176245489200e251c5f2b43d6eda5a296c4a0617a5e77a239a1d87b67feb9bbcd87f9c62c09d74aec32e
- SSDEEP
  
  49152:5L3cO9ce2dDTuCCpr7HFHTAWJeaksL6M8dS148k1:f/2Bor7lHnLd8M
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2