General

  • Target

    extracted.exe

  • Size

    4.5MB

  • Sample

    230119-ye8weahb68

  • MD5

    13ab6631db796ac189d7f29e1a86e1f7

  • SHA1

    342b9765c1df3c6ec832199f91eb2ffe808a416e

  • SHA256

    7c5f6eb2a7eafa8c6891486bb1af755cc64e087c67945ab51bada4f4fcaea2ed

  • SHA512

    a718bf555b293716f2c82011db68b3aa7d8a93ee746b5e2795393c8bd478e459b175570302a97cf3238a0248899c23e8553579c41317741a39e4431a9909a5b3

  • SSDEEP

    49152:HBj9ybH3dYuRgGWUgu1P472tqHlZ11tCwa45E0DwtGH5RDHW01:mbHLR3472tOrELGZRD

Score
10/10

Malware Config

Extracted

Family

aurora

C2

195.123.218.52:8081

Targets

    • Target

      extracted.exe

    • Size

      4.5MB

    • MD5

      13ab6631db796ac189d7f29e1a86e1f7

    • SHA1

      342b9765c1df3c6ec832199f91eb2ffe808a416e

    • SHA256

      7c5f6eb2a7eafa8c6891486bb1af755cc64e087c67945ab51bada4f4fcaea2ed

    • SHA512

      a718bf555b293716f2c82011db68b3aa7d8a93ee746b5e2795393c8bd478e459b175570302a97cf3238a0248899c23e8553579c41317741a39e4431a9909a5b3

    • SSDEEP

      49152:HBj9ybH3dYuRgGWUgu1P472tqHlZ11tCwa45E0DwtGH5RDHW01:mbHLR3472tOrELGZRD

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data (saved credentials, cookies, session tokens and autofill entries), so this behaviour is consistent with credential theft rather than ordinary application activity.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
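The indicators this report gives (the file hashes and the extracted Aurora C2 endpoint) are the parts a responder can act on, so here is an added example of turning them into an offline check. This code is not part of the Triage report or of the Aurora analysis; the hashes and the C2 address are copied from the report above, while the log format and every log line are constructed for the example. Treat the C2 endpoint as a point-in-time indicator: it is what this sample contained when it was analysed, and stealer infrastructure is routinely rotated.

```python
"""
Added example (not from the report): use the report's file hashes and the
extracted C2 endpoint as indicators. Part 1 hashes a file and compares it
with the report; part 2 scans firewall-style log lines for connections to
the C2. The log format and all sample lines are constructed for the example.
"""
import hashlib
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "13ab6631db796ac189d7f29e1a86e1f7",
    "sha1": "342b9765c1df3c6ec832199f91eb2ffe808a416e",
    "sha256": "7c5f6eb2a7eafa8c6891486bb1af755cc64e087c67945ab51bada4f4fcaea2ed",
}
C2_HOST = "195.123.218.52"
C2_PORT = 8081


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of a byte string (a file read in binary mode)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_hashes(digests: dict, iocs: dict = REPORT_HASHES) -> list:
    """Return the algorithms whose digest equals the indicator (case-insensitive)."""
    return [alg for alg, h in digests.items()
            if alg in iocs and h.lower() == iocs[alg].lower()]


# Constructed log format (an assumption, not a real product's format):
#   <timestamp> <action> src=<ip>:<port> dst=<ip>:<port> proto=<proto>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>\S+) src=(?P<src>[\d.]+):(?P<sport>\d+) "
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def find_c2_connections(lines, host=C2_HOST, port=C2_PORT):
    """Return (timestamp, source ip, action) for each line whose destination is the C2.

    Matching on host *and* port keeps other services on the same address out of
    the result; drop the port check to alert on any traffic to the host.
    Denied connections are reported too: a blocked beacon still names an infected host.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line; a real pipeline would count these
        if m["dst"] == host and int(m["dport"]) == port:
            hits.append((m["ts"], m["src"], m["action"]))
    return hits


# Constructed sample log lines (not taken from the report or any real network).
SAMPLE_LOG = """\
2023-01-19T10:02:11Z allow src=10.0.4.23:51822 dst=195.123.218.52:8081 proto=tcp
2023-01-19T10:02:12Z allow src=10.0.4.23:51823 dst=142.250.74.78:443 proto=tcp
2023-01-19T10:03:40Z deny src=10.0.7.9:60144 dst=195.123.218.52:8081 proto=tcp
2023-01-19T10:04:01Z allow src=10.0.7.9:60145 dst=195.123.218.52:443 proto=tcp
garbage line that does not parse
""".splitlines()

if __name__ == "__main__":
    import sys
    for ts, src, action in find_c2_connections(SAMPLE_LOG):
        print(f"{ts} {src} -> {C2_HOST}:{C2_PORT} ({action})")
    # Optional: hash files given on the command line and compare with the report.
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            digests = hash_bytes(f.read())
        print(path, "matches:", match_hashes(digests) or "none")
```

The SSDEEP value from the report is deliberately left out: fuzzy-hash comparison needs the ssdeep library rather than the standard library, and a cryptographic hash match is the definitive check when the exact file is in hand. Run the script with one or more file paths to compare them against the report's hashes.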

MITRE ATT&CK Enterprise v6

Tasks