General

  • Target: Adobe Photoshop.rar
  • Size: 11.7MB
  • Sample: 230104-z7lr1sdb61
  • MD5: e25166413fc7dd031bff28ded2babaab
  • SHA1: 5cbb5f6afa4ab9cd3591c05257601d3b1b19b9b3
  • SHA256: 092d8757f50307849baf5298a48023fafa6bed22f6d99b6ee2b7f7ddf65aa9fb
  • SHA512: f1ec5fec68b8fb1d012833de621af2c8af54a0ccdb9e704ae4c7a19030919fbb81feacbf90f0cc395f3d9ba1f916cbab0ede43cffa577c3092a52ae0930f5f93
  • SSDEEP: 196608:pNwkew5bP1DOGHP4JSzv8Vq5I4N+ZXm9GUXw+Z6XngL54VASXPITVa5shhEcfPjw:pNuw5r8qSOvSYbcFm9GUXw+ZnL5wASXb

Score: 10/10

Malware Config

Extracted

  Family: aurora
  C2: 5.75.160.178:8081

Targets

    • Target: Adobe Photoshop/Photoshop Sеtup.exe
    • Size: 783.0MB
    • MD5: fea3654eaf99db879bcff74659eaa74e
    • SHA1: a4b86c2b6e71e845f16a490749a1294f20b8aee6
    • SHA256: 812f3a96a29ec158a35a17c1bea464e4b68f2f09152e9f92007fc7b5d93726ab
    • SHA512: 24ed74ca7c927d235d224ecbb9086478e0e289fd5a772d130725d95e0719f183c351cb2df5d7b140b62e2b77f48572c2ffba9059055b454184c44d938d483977
    • SSDEEP: 49152:9Yzui2z1HUOnHnpSdZULOkDZiITRf+EGg7d87/ao50TlG6k1qt:9Xh5HTnyeLRw7KTlH

    Score: 7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks