General
  Target: innosetup-6.2.1.zip
  Size: 5.0MB
  Sample: 230226-k96smsgc5w
  MD5: 3f31bd210e7dfd03d5068289b6dd4038
  SHA1: 4a2d098fe1fc26796b31161bcb5c9d7c1f4f9aa4
  SHA256: be393666930fcd6564cec396d8b9732f34f6fdb9cdbd2283f21723a060ddeff3
  SHA512: 1c4823b159a3c7402a15ccf3dfb6e3389ee021a45a648a702771ec0d0a0dfa92f2c9970fe1455f9172a60f062a2493b9b50800996871fa590528c9ecf5f777eb
  SSDEEP: 98304:+yKr29KVJT2Zbq7K+uldELn0uNjN/aEKKKrYroE:+brVp4bql0uNjAEiIoE
Static task: static1
Behavioral task: behavioral1
  Sample: innosetup-6.2.1.exe
  Resource: win7-20230220-en
Malware Config
  Extracted: aurora
  94.142.138.71:8081
Targets
  Target: innosetup-6.2.1.exe
  Size: 807.4MB
  MD5: 0257fe004e87f99031fde2dcbec1f727
  SHA1: e00a5c6d34d7bc6e9d663b88230d86de16abc8a1
  SHA256: d5bb2d356876be75ddc3a2c26172acd352dac04c9b49eea6695b05b9ddba7495
  SHA512: b6d81b126b39bb2eb3829eda0fc00eff25900c965a3a046cef63bf14f102c5480cff4c31482d93e63ae4779c73087f4541e8092597b85e73bb49973c3cfc412b
  SSDEEP: 24576:x94s6V9vqyQT0iAw7vyc6CD8aH465hV27+TYF5otaz4ihmfg0dGRX8N1f+2b39Yh:x9h6V9vq/AwryFCJCh1z1
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext