General
Target: myphotos_12-reducedSize.exe
Size: 5.2MB
Sample: 221230-yjjr3sbf7t
MD5: 998e7843ec353d65c1bf369c9365d35a
SHA1: 336bf70bc8b47cd23cd21e507850f857a55a74ac
SHA256: a4560d46d9b0cafa629c19d9205adb72d0f4c72ebbe242926a6a42559712f1b1
SHA512: b291c7adab207b0a6885bd2fc4dcaf4061e0ebb1e2d569ca607652b7fa4b552dc9e8ca84fbb92f0a799e6c0e271e4136482ffaed2922fd141e27e80a95b338e4
SSDEEP: 98304:LbqgKDxqPbenHTpM5nQeKMYHU8o74aqF:LCDxqKMdpKV0R4a
Static task: static1
Behavioral task: behavioral1
Sample: myphotos_12-reducedSize.exe
Resource: win7-20220901-en
Malware Config
Extracted
aurora
45.138.74.160:8081
Targets
Target
myphotos_12-reducedSize.exe
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext