General

  • Target

    2b4f9e8960bb6332bada4a2b24e068ea.exe

  • Size

    4.3MB

  • Sample

    230120-khkq4aac69

  • MD5

    2b4f9e8960bb6332bada4a2b24e068ea

  • SHA1

    491f3de6fbc123931f3d12c3db9e0c680766aa8b

  • SHA256

    32e557a0c7a350e6c8dc9c97c1a3390fb66a95450cbed68c2226098e7d423c30

  • SHA512

    5455dc8b97bd1d1ba0317a1209996f8a4dfa39939d897f8c77abec47c34d8e1f892161fdc8e6608d703ab807cb7ead480f2ca58af70a05a1b4b2dd50ee90c77d

  • SSDEEP

    98304:4GT7aesRPjOFD9EE2gSpdPZDH9ePRqBabJUAN0:7a1XE2gSpdPZDH9ePRqBa6g0

Score
10/10

Malware Config

Extracted

Family

aurora

C2

77.83.173.136:8081

Targets

    • Target

      2b4f9e8960bb6332bada4a2b24e068ea.exe

    • Size

      4.3MB

    • MD5

      2b4f9e8960bb6332bada4a2b24e068ea

    • SHA1

      491f3de6fbc123931f3d12c3db9e0c680766aa8b

    • SHA256

      32e557a0c7a350e6c8dc9c97c1a3390fb66a95450cbed68c2226098e7d423c30

    • SHA512

      5455dc8b97bd1d1ba0317a1209996f8a4dfa39939d897f8c77abec47c34d8e1f892161fdc8e6608d703ab807cb7ead480f2ca58af70a05a1b4b2dd50ee90c77d

    • SSDEEP

      98304:4GT7aesRPjOFD9EE2gSpdPZDH9ePRqBabJUAN0:7a1XE2gSpdPZDH9ePRqBa6g0

    Score
    7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks