Resubmissions

23/01/2023, 19:01

230123-xpn4baeg99 10

23/01/2023, 18:49

230123-xgqxyagd2x 10

General

  • Target

    TradingView.exe

  • Size

    104.3MB

  • Sample

    230123-xgqxyagd2x

  • MD5

    6955334f409d20be7a39630693ff6d7e

  • SHA1

    4bf3fb73fbb627f8541cb00b492dd4e2a0a81045

  • SHA256

    41c7f0506ff3b6b233cdf382430e9065193366358f338baa488ffc74b5c1c7fb

  • SHA512

    8319e20b423df7d5f917df4836459222f0ebb0337df848d70ac4f7bc642d34f4939f602a09cd2ad07f8aa8ad504c0ab42abfdac471d9f30f82b57da9c475adeb

  • SSDEEP

    49152:5ufpKHEsNuNc4JyjmNTpGktKDJ3Me01iVVChKE7Kuhazt0JUSQW02F1iNFP:5KKksNuxIjPqhK+JU9NZ

Score
10/10

Malware Config

Extracted

Family

aurora

C2

79.137.133.225:8081

Targets

    • Target

      TradingView.exe

    • Size

      104.3MB

    • MD5

      6955334f409d20be7a39630693ff6d7e

    • SHA1

      4bf3fb73fbb627f8541cb00b492dd4e2a0a81045

    • SHA256

      41c7f0506ff3b6b233cdf382430e9065193366358f338baa488ffc74b5c1c7fb

    • SHA512

      8319e20b423df7d5f917df4836459222f0ebb0337df848d70ac4f7bc642d34f4939f602a09cd2ad07f8aa8ad504c0ab42abfdac471d9f30f82b57da9c475adeb

    • SSDEEP

      49152:5ufpKHEsNuNc4JyjmNTpGktKDJ3Me01iVVChKE7Kuhazt0JUSQW02F1iNFP:5KKksNuxIjPqhK+JU9NZ

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks