General

  • Target: tmp
  • Size: 5.3MB
  • Sample: 230118-s7ha9scb75
  • MD5: 03f0c3802261406b2967dbcfb79908a3
  • SHA1: ace07a67c0662cec70e52629296a3bd58db04505
  • SHA256: 912f7d82ed878471ace2ca79a7e17ecad0b2bdf430570e646efaa940b01fc579
  • SHA512: 0c919330c24bc463b489474a8513558075a8546f17daa82f10553053386ff2ba834df60b62e9d87067c57a95add281e540cf634538094fcc921b8a830fa4dd01
  • SSDEEP: 49152:HPF2LUHXcw7ADxCzjNNTpGktKDJ3Mx3Cww7JrzDNp0maVtGJUdBn02F1eNt:HN2L4Xcwcx+jvIrzFJUWN

Score: 10/10

Malware Config

Extracted

  • Family: aurora
  • C2: 85.209.135.29:8081

Targets

    • Target: tmp
    • Size: 5.3MB
    • MD5: 03f0c3802261406b2967dbcfb79908a3
    • SHA1: ace07a67c0662cec70e52629296a3bd58db04505
    • SHA256: 912f7d82ed878471ace2ca79a7e17ecad0b2bdf430570e646efaa940b01fc579
    • SHA512: 0c919330c24bc463b489474a8513558075a8546f17daa82f10553053386ff2ba834df60b62e9d87067c57a95add281e540cf634538094fcc921b8a830fa4dd01
    • SSDEEP: 49152:HPF2LUHXcw7ADxCzjNNTpGktKDJ3Mx3Cww7JrzDNp0maVtGJUdBn02F1eNt:HN2L4Xcwcx+jvIrzFJUWN

    Score: 7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks