General
-
Target
TradingView.exe
-
Size
104.3MB
-
Sample
230123-xpn4baeg99
-
MD5
6955334f409d20be7a39630693ff6d7e
-
SHA1
4bf3fb73fbb627f8541cb00b492dd4e2a0a81045
-
SHA256
41c7f0506ff3b6b233cdf382430e9065193366358f338baa488ffc74b5c1c7fb
-
SHA512
8319e20b423df7d5f917df4836459222f0ebb0337df848d70ac4f7bc642d34f4939f602a09cd2ad07f8aa8ad504c0ab42abfdac471d9f30f82b57da9c475adeb
-
SSDEEP
49152:5ufpKHEsNuNc4JyjmNTpGktKDJ3Me01iVVChKE7Kuhazt0JUSQW02F1iNFP:5KKksNuxIjPqhK+JU9NZ
Malware Config
Extracted
aurora
79.137.133.225:8081
Targets
Target
TradingView.exe
Accesses cryptocurrency files/wallets, possible credential harvesting