General

  • Target

    Injector.exe

  • Size

    4.5MB

  • Sample

    230125-t9kpvaha96

  • MD5

    94a7399342d38ecdebe7a703727b7cd9

  • SHA1

    47744611623ce144d78586d2544e5f93c596e747

  • SHA256

    1ec8acce1969794ac84a4b89f8712ca9c9eac4ccaf420c9f10eabc208f04c304

  • SHA512

    2c0abef2f86d5ef1610c809e55b109b61dfb9bfabbf53ec1d4c852fad2915caffe8e47d27b0e4d55b93d38befe6dd8b406e3560c3bb71fb089e3350f9bbe541a

  • SSDEEP

    49152:Dbs95NYJ+bS7x2aE3EVbrcnmoRlUDp31TaI5E8vVtGH5RDHp01i:yNYZ79Pcn2tE6GZRDV

Score
10/10

Malware Config

Extracted

Family

aurora

C2

82.115.223.138:8081

Targets

    • Target

      Injector.exe


    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks