General
Target: out.exe
Size: 4.6MB
Sample: 230120-plp77sff6x
MD5: f85e29c74f2a686ae241c65b35afe981
SHA1: 66d601169993d21f953f804908a89d8166cc64f8
SHA256: eb6ff3d3fe8e111f87fcb1068bd9616bf4217ec543335117a491cc755552f4b8
SHA512: 3fddee4b98c45669d208487ec528b42e31a4c0e55f6eb2543796e4218c1236dc03df7d0fd270336cc1c91cb81d5a230750efd4fa92cb7e3c29151bd8d3a1476a
SSDEEP: 49152:EN6LYEffWu9W97jbNTpGktKDJ3M0X3BM18xlvQaJz6JU63M02F1/Nd:EQLfffW1tjKW18eJUPN
Behavioral task: behavioral1
Sample: out.exe
Resource: win7-20221111-en
Malware Config
Extracted
aurora
45.15.156.210:8081
Targets
Target: out.exe
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting