General

  • Target: Chromium_Updater_23012023.zip
  • Size: 4.3MB
  • Sample: 230123-w62kasef55
  • MD5: 0c7acc3526aed4f4f996f97a0fc5700d
  • SHA1: c839f8b2b2b3430360f34df29773050ee97ccacb
  • SHA256: ea0511bfb24dfc58356e789e0ff452f527e8818d66db66bbd84d0256e5fed3cd
  • SHA512: be0f89ebd9ea14a9f7341e4b0fc82df1184c329f7752a67ce4754dc55adac6be994c9b97e073741039ce0da3641fbfeded627ce5aace847f0a7c2a9514494121
  • SSDEEP: 98304:dyYk/xKUw0EmOKw1QV6LVfn+olU76K7JxPaA8D3:sYk/xKFdmp3VklC64xPaA8D3

Score: 10/10

Malware Config

Extracted

  • Family: aurora
  • C2: 77.91.124.12:8081

Targets

    • Target: Chromium Updater.exe
    • Size: 700.0MB
    • MD5: a7757e47754d9efb1b6a0992eb32cb64
    • SHA1: c95a545ce4b5b6480b665eeb9b5aa60accc39566
    • SHA256: 7a5239cc279b750dab7729740ca35fd1e47de8325ba2a6052fa9701ce6314fd6
    • SHA512: 4774c01e060005b22559ff0a5366e4e98a88c8aef0ea8710023a132a317b0cca7eea8f6a63645cb6c377ceed5ac8f27433a1c7db36ff00525c855cfea7625261
    • SSDEEP: 196608:JVHky+JxMO5jzdt7ilQvmDA8lHRBUgji8:XEy+J+Ohzdt7ilQv+tlHbxji

    Score: 10/10

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v6