General
-
Target
LibreOffice_7.4.4_Win_x64.exe
-
Size
4.3MB
-
Sample
230124-vvs84scg86
-
MD5
e180d59d9dfa41f80e57e030f68dad4c
-
SHA1
8e1c8feb0e9ca11250b7d0a7c98c825ea10d76c5
-
SHA256
515e7fa2e16b9723f02b9676aeeb392c3e246a3a76dd52de2779f164d7c0cb78
-
SHA512
ebd204c02f5edcd6d84a37cd6918cafa5745dba05b14a409f87ee564c870248e746205cf41e1bc5ebbf97ef2fb2ef4f25b0d53bea05e1186f5a4c4ccc68e3b33
-
SSDEEP
49152:mynSK5EsNuNc4Jyj+NTpGktKDJ3Me01iVZChKENKEhaStuJUSQW02F1fNFm:m9KmsNuNIjnyhK9JUYNM
Behavioral task
behavioral1
Sample
LibreOffice_7.4.4_Win_x64.exe
Resource
win7-20221111-en
Malware Config
Extracted
aurora
79.137.133.225:8081
Targets
-
-
Target
LibreOffice_7.4.4_Win_x64.exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-