Overview

overview

10

Static

static

10

1bb3d1cfe9...4f.exe

windows7-x64

7

1bb3d1cfe9...4f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2daf6321a7fb96cd0834ebd018e67dc2.bin

  • Size

    1.2MB

  • Sample

    230227-bgj9haba7s

  • MD5

    5a0cce7b1e491ea8bb31d152afb064e8

  • SHA1

    b904b820ce4e2b3a6ac2ba2c2e41369745494b02

  • SHA256

    46865d7c4486ce7ad84f8508aeda7b0635e087914e18475bd09960b936e59213

  • SHA512

    52520c61cae2032ee12473a498581cba49657b3e526a2d38945f0ce1182ac71a7352d307e0ffb6b60f6db5259f423876b57767edd21a9fa338ffa67e7f9f7324

  • SSDEEP

    24576:GkktVyMrd6eZSfO38JHK6eor1BF3b95Lpt+kHyiUqofCpVEU:GkktUMJ64abnr17psMwU

Score
10/10
auroraspywarestealer

Malware Config

Extracted

Family

aurora

C2

185.106.93.132:8081

Targets

    • Target

      1bb3d1cfe99f7dcc5898431a3329c39eb6ca9d2e39072c83d469b3898c1a124f.exe

    • Size

      3.0MB

    • MD5

      2daf6321a7fb96cd0834ebd018e67dc2

    • SHA1

      a5a919af73f94ac824ee77df9c140a3a616518e8

    • SHA256

      1bb3d1cfe99f7dcc5898431a3329c39eb6ca9d2e39072c83d469b3898c1a124f

    • SHA512

      210a04c1d2397acc1d199b48076c7b7d434b4cfe02e25d090b95bd4ffe9cf29a17e4d849762657f033e1bd5cf40f319122e799d30ce80ad8176715b2ac7d6450

    • SSDEEP

      49152:5Lx3cqFBYdH3EQK1EsBgcPaVsLFA8p9u1Xk1:02YEB1LO8p

    Score
    7/10
    spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks