General
Target: Google Maps.zip
Size: 2.8MB
Sample: 221228-s6rtbaag46
MD5: fddd90a47c4a4b6d9700421dae264ed3
SHA1: fe596b637f78d75caf3723384c270c878d7f8698
SHA256: 1eae48337bc7564fc84e01ebbf6fb5b748fa79a29062f702f626563c2d6c789e
SHA512: b4a9f8a838eb7b32ec9230e277b330aa987564d2a7303bac13d93097b93e7b8760dcf5d8ef57d54f87e69925e788b26adf7c4f7b8fc20476ee1e72937be9a5bf
SSDEEP: 49152:JQudAfE/GN3bCEVX/47gbaqIIWhAEyqlf2JrbOGXkiNTi:b/GB/ot9jhAEymiaGXkiNTi
Static task: static1
Behavioral task: behavioral1
Sample: Google Maps.exe
Resource: win7-20220812-en
Malware Config
Extracted
aurora
45.138.74.160:8081
Targets
Target: Google Maps.com
Size: 941.3MB
MD5: 875e34da7d4eaf4b93276025f840780c
SHA1: 7d04d7dd3d12865b7045dc291c1e57b03e36a176
SHA256: 79845c48612bcbf72ecd6bd29762c9c76772c619df8e5850b0e7e5d4bb2629de
SHA512: 3a4b9f6f241b9d17e96194e0b6070de8708c461f110b9a8412b1026cdca2bd8e0622290aa3ceb7eee10230ad8c663953c64f94243b0fffe8883ccee9a8ee8661
SSDEEP: 24576:Z2SoIENPiHQkXXXGGupmrYR6UMSrtynq99sg2TDNfnGjpuGX80:sIErSWyq9R23euGX80
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext