Overview

overview

10

Static

static

1

python-3.11.2.exe

windows7-x64

10

python-3.11.2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    python-3.11.2.exe

  • Size

    307.5MB

  • Sample

    230224-yrfemaaf25

  • MD5

    46dcfe95ce4b04837cd93d684e926a51

  • SHA1

    77949607ef3908fa2feda27e8ec39c21779ef041

  • SHA256

    aa349ad45bb48e85b5cd1b55308ae835353859219f28ece9685c8ae552e8e63a

  • SHA512

    4961a0224d6e1f8b7f3126f1a2650ebc3685ca1ca2c3399a03db57243605e21be382e485dc0638cce7a1aa27f6f67669e7d2b2f8823687eb0c566df2ccaefa2e

  • SSDEEP

    24576:hn5q0CD6pcOb0QjwRdPmXCcXTM0jzRsE8IpZujAp/7TniOe63GpF+1A4U4aPTx0j:Tq0CDscLQjwXmXCdgk+lKaDgF1z1M

Score
10/10
aurorastealer

Malware Config

Extracted

Family

aurora

C2

185.106.93.135:8081

Targets

    • Target

      python-3.11.2.exe

    • Size

      307.5MB

    • MD5

      46dcfe95ce4b04837cd93d684e926a51

    • SHA1

      77949607ef3908fa2feda27e8ec39c21779ef041

    • SHA256

      aa349ad45bb48e85b5cd1b55308ae835353859219f28ece9685c8ae552e8e63a

    • SHA512

      4961a0224d6e1f8b7f3126f1a2650ebc3685ca1ca2c3399a03db57243605e21be382e485dc0638cce7a1aa27f6f67669e7d2b2f8823687eb0c566df2ccaefa2e

    • SSDEEP

      24576:hn5q0CD6pcOb0QjwRdPmXCcXTM0jzRsE8IpZujAp/7TniOe63GpF+1A4U4aPTx0j:Tq0CDscLQjwXmXCdgk+lKaDgF1z1M

    Score
    10/10
    aurorastealer

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

      stealeraurora

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks