General
- Target: Setup.exe
- Size: 10.4MB
- Sample: 230216-x8nxnabd63
- MD5: 3a074786e039c85614cef159998f0b6a
- SHA1: 1d84450186359d35ce582aefce6fe72c5995737d
- SHA256: eb94f26dac1f7c898651fbb8e301bbff8633614a561359ac7bca7a58e358ac58
- SHA512: 470e9036ac1754d9406063999649c490a4d99002723f2e9734b7eece694c0ff5b8a3898cc0f795a9a3519f817e4219a587a1700fbd0904b9fb62e26d724786d8
- SSDEEP: 24576:XnTBn2pOPmCliE/y0AB0CWB3a9OKHwVXXylBTSViHzcqjn3aMfIS/NDnE7kBy3z6:XTBn2pOeC//y0tC7gk+lKcTQcAz1
Static task
- static1
Behavioral task
- behavioral1
  - Sample: Setup.exe
  - Resource: win7-20221111-en
Malware Config
- Extracted: aurora
  - 94.142.138.18:8081
Targets
- Target: Setup.exe
  - Size: 10.4MB
  - MD5: 3a074786e039c85614cef159998f0b6a
  - SHA1: 1d84450186359d35ce582aefce6fe72c5995737d
  - SHA256: eb94f26dac1f7c898651fbb8e301bbff8633614a561359ac7bca7a58e358ac58
  - SHA512: 470e9036ac1754d9406063999649c490a4d99002723f2e9734b7eece694c0ff5b8a3898cc0f795a9a3519f817e4219a587a1700fbd0904b9fb62e26d724786d8
  - SSDEEP: 24576:XnTBn2pOPmCliE/y0AB0CWB3a9OKHwVXXylBTSViHzcqjn3aMfIS/NDnE7kBy3z6:XTBn2pOeC//y0tC7gk+lKcTQcAz1
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext