General
-
Target
https://babieschristeningoutfits.com/fdjs;gkjddf
-
Sample
230214-vqevxsec6v
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://babieschristeningoutfits.com/fdjs;gkjddf
Resource
win7-20221111-en
13 signatures
150 seconds
Behavioral task
behavioral2
Sample
https://babieschristeningoutfits.com/fdjs;gkjddf
Resource
win10v2004-20221111-en
16 signatures
150 seconds
Malware Config
Extracted
Family
aurora
C2
45.15.156.210:8081
Targets
-
-
Target
https://babieschristeningoutfits.com/fdjs;gkjddf
Score10/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-