General

  • Target

    00c142f59684f5582673779b0a21edb9309ac9bf24392e41b621899a626cc6d5

  • Size

    1.8MB

  • Sample

    221225-vjvykabg57

  • MD5

    3e8b9e2a1f3d5a7a2322bce514e90a27

  • SHA1

    d0e6cf406c70bb223ebaa41aa12f3b34ac217e7f

  • SHA256

    00c142f59684f5582673779b0a21edb9309ac9bf24392e41b621899a626cc6d5

  • SHA512

    b75b86bcc939946944239222f7dc0498f0fad890a61325d53114431f6b746bb4853f6a15f65716c7880afd5c21dd85b91f10e4235b503643314e2371aa4648b7

  • SSDEEP

    49152:IxAe6dbyjfq0sOyyRjr5lSOLUQgEuTDc:IxD6efq0sOZxROE

Score
10/10

Malware Config

Extracted

Family

aurora

C2

195.43.142.218:8081

Targets

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
