General
-
Target
ggmaps..exe
-
Size
11.4MB
-
Sample
230107-yag7wsee47
-
MD5
2e4cdf61494a9474c0b128c6773d39bc
-
SHA1
1d2c133442fb369c7efb29c370a111053d87c7dd
-
SHA256
d0fc15b58f4ec8eb259f3c361de11fe0be5da9ca6ede42c9f0b2b168d19a32d2
-
SHA512
ccb57e71c091f9bfe90e56d9550f0c56dce544633d850aa9daa37e2379a77765d210618a40dbb001d947181cd7c7640e9ce962b8146152d2ef7b02c6aacef434
-
SSDEEP
24576:BBF+opvcaJ+mqmz+iMqe1qYAVoxIQF7xColG87D/3ln1XQo8sNXekR4i+V2CQQ8o:BB46zZzO1qYAVoxF7jxRpmxxk+YfoEK
Static task
static1
Behavioral task
behavioral1
Sample
ggmaps..exe
Resource
win7-20220812-en
Malware Config
Extracted
aurora
176.124.210.153:8081
Targets
Target
ggmaps..exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-