Resubmissions

03/01/2023, 01:41

230103-b4jw9ace81 10

03/01/2023, 01:13

230103-bk4gjscb8s 10

General

  • Target: AnyDesk (3).exe
  • Size: 767.0MB
  • Sample: 230103-bk4gjscb8s
  • MD5: c54c7745569a2a47ebeb8e6a7614a8ab
  • SHA1: 871f4233cff27dc8e2fdf8ee6b0be351506ca2d3
  • SHA256: 7b934e20c2cbfdcbad2c90c58fd890cd1f0b436588009a06d9a94f52efddb1ab
  • SHA512: 60350a7edc9e8fb0f739d0fcf9b3ae66a2e0530238197307ce8c73bf8d0032d79681c7e4d283a4da6da75b291dfa96c25e6419d5c5459ae30aa6a4e8b9e861fb
  • SSDEEP: 49152:/n93G6wlbthDFdXrRjiyPDaEsLFA84+TI3lk1:MPb1idLO84w

Score
10/10

Malware Config

Extracted

Family

aurora

C2

172.86.122.46:8081

Targets

    • Target: AnyDesk (3).exe
    • Size: 767.0MB
    • MD5: c54c7745569a2a47ebeb8e6a7614a8ab
    • SHA1: 871f4233cff27dc8e2fdf8ee6b0be351506ca2d3
    • SHA256: 7b934e20c2cbfdcbad2c90c58fd890cd1f0b436588009a06d9a94f52efddb1ab
    • SHA512: 60350a7edc9e8fb0f739d0fcf9b3ae66a2e0530238197307ce8c73bf8d0032d79681c7e4d283a4da6da75b291dfa96c25e6419d5c5459ae30aa6a4e8b9e861fb
    • SSDEEP: 49152:/n93G6wlbthDFdXrRjiyPDaEsLFA84+TI3lk1:MPb1idLO84w

    Score
    7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks