General
Target: npp.8.4.8.Installer.x64.exe
Size: 4.4MB
Sample: 230118-recdwaeh4x
MD5: 70b0af7f90b6cbbbf8cc7f25fb84b6f6
SHA1: 9e9667fc37f25bfabefa16b6a226cb01e58bdfbd
SHA256: d352ac54030d52244bf5de3963ed2a49059556bf033fedb67f27d06dfbd3ae39
SHA512: 552dde4103a066ca198ba9f50405777a85988fef13a1d5bce56ddec30f04331b646f3b7455dccef6e3853e7f0abce38b80be8447c95d456e85c23197daa1edc0
SSDEEP: 49152:t/XTnwHA9dbfpbeWj9NTpGktKDJ3MbopOblGxPjhprhapt9JUOd6A02F1dNtvZkD:tvTnsA9ddb/jBoxPaJUm/NdZ+
Behavioral task: behavioral1
Sample: npp.8.4.8.Installer.x64.exe
Resource: win10-20220812-en
Malware Config
Extracted
aurora
79.137.133.225:8081
Targets
Target: npp.8.4.8.Installer.x64.exe
Accesses cryptocurrency files/wallets, possible credential harvesting