Resubmissions

17/01/2023, 08:54: 230117-kt955adc78, score 10

17/01/2023, 08:48: 230117-kqh78shb7w, score 10

General

  • Target

    newCopy.exe

  • Size

    4.4MB

  • Sample

    230117-kt955adc78

  • MD5

    0dcec1603bf0687984e5a025fcb348e3

  • SHA1

    6ad75ca45ce4f4d6c37bc720e75de75b84166add

  • SHA256

    fd17b39833ee0fae6cc8549dfa602adff3cf002cd0a0ef8fa63876ec50a74552

  • SHA512

    f106bdb6ba37957fae235bbe9f568a3fb915e77cf8d93d27a830d704e98f1a5c640edb6230c4f2fb09ca3d38f9bb570b735b85e918b69ac5eac3a152013d4357

  • SSDEEP

    49152:m3mQeQTNxV3x1kjONTpGktKDJ3MeS1S2VUi6eeKEQaPtmJUpSS02F1KNF:m2QhTNxDKjlZi6cJUMN

Score
10/10

Malware Config

Extracted

Family

aurora

C2

45.15.156.210:8081

Targets

    • Target

      newCopy.exe

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
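The indicators in this report (the sample hashes, the Aurora C2 at 45.15.156.210:8081, and the two behaviour signals above) are what a responder would pivot on. The following Python is an added example, not part of this report and not the sandbox's own tooling: it hashes a file against the listed SHA256, and scans endpoint telemetry for contact with the C2 and for reads of browser profile and wallet files, the same two behaviours the report flags. The event records, the path patterns for browser and wallet data, and the exclusion of the browser's own process are assumptions made for illustration.

```python
"""Triage constructed endpoint telemetry against the report's indicators.

Added example; not code from the report or the sandbox vendor. The only
values taken from the report are SAMPLE_SHA256 and the C2 address/port.
"""
import hashlib
import re
from collections import defaultdict

# Indicators taken from the report above.
SAMPLE_SHA256 = "fd17b39833ee0fae6cc8549dfa602adff3cf002cd0a0ef8fa63876ec50a74552"
C2_HOST, C2_PORT = "45.15.156.210", 8081

# Assumed path patterns (not from the report) for the two behaviour indicators.
BROWSER_PROFILE_RE = re.compile(
    r"(Google\\Chrome\\User Data|Mozilla\\Firefox\\Profiles|Microsoft\\Edge\\User Data)"
    r".*\\(Login Data|Cookies|Web Data|logins\.json|key4\.db)$",
    re.IGNORECASE,
)
WALLET_RE = re.compile(
    r"(wallet\.dat$|\\(Exodus|Electrum|Bitcoin|Ethereum|Atomic)\\)", re.IGNORECASE
)
# A browser reading its own profile is normal; only other images are suspicious.
BROWSER_IMAGES = {"chrome.exe", "firefox.exe", "msedge.exe"}


def sha256_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def matches_sample(data: bytes) -> bool:
    """True if the bytes hash to the SHA256 the report lists for newCopy.exe."""
    return sha256_of(data) == SAMPLE_SHA256


def triage(events):
    """Group events by pid and flag C2 contact, browser-profile reads and wallet access."""
    findings = defaultdict(
        lambda: {"c2_contact": False, "browser_profile_reads": [], "wallet_access": []}
    )
    for ev in events:
        f = findings[ev["pid"]]
        if ev["type"] == "net_connect":
            if ev["dst"] == C2_HOST and ev["dport"] == C2_PORT:
                f["c2_contact"] = True
        elif ev["type"] == "file_open":
            is_browser = ev["image"].lower() in BROWSER_IMAGES
            if not is_browser and BROWSER_PROFILE_RE.search(ev["path"]):
                f["browser_profile_reads"].append(ev["path"])
            if WALLET_RE.search(ev["path"]):
                f["wallet_access"].append(ev["path"])
    return dict(findings)


def verdict(f):
    """Severity in the spirit of the report's scoring: C2 plus harvesting is worst."""
    harvesting = bool(f["browser_profile_reads"] or f["wallet_access"])
    if f["c2_contact"] and harvesting:
        return "infostealer: C2 contact plus credential/wallet harvesting"
    if harvesting:
        return "suspicious: browser or wallet data access"
    if f["c2_contact"]:
        return "suspicious: contact with known C2"
    return "no indicators"


# Constructed telemetry for illustration (Sysmon-like, reduced to the fields used).
SAMPLE_EVENTS = [
    {"type": "file_open", "pid": 4120, "image": "newCopy.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_open", "pid": 4120, "image": "newCopy.exe",
     "path": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"type": "net_connect", "pid": 4120, "image": "newCopy.exe",
     "dst": "45.15.156.210", "dport": 8081},
    {"type": "file_open", "pid": 3001, "image": "chrome.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_open", "pid": 2288, "image": "explorer.exe",
     "path": r"C:\Users\alice\Documents\report.docx"},
    {"type": "net_connect", "pid": 2288, "image": "explorer.exe",
     "dst": "93.184.216.34", "dport": 443},
]

if __name__ == "__main__":
    for pid, f in triage(SAMPLE_EVENTS).items():
        print(pid, verdict(f), f)
```

Only the process that touches credential stores and then talks to the listed C2 gets the infostealer verdict; chrome.exe reading its own Login Data is ignored, which is the exclusion you need to avoid paging on every browser start. The C2 match here is an exact host:port check; in production, match on the IP alone as well, since the port can change between builds.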

MITRE ATT&CK Enterprise v6

Tasks