General

  • Target

    tmp

  • Size

    3.4MB

  • Sample

    230305-psfx4sgd79

  • MD5

    c1e0847bb381373f3206d346cbe36048

  • SHA1

    7ca2f998482d8d9617844547423ec84f9471fbbd

  • SHA256

    de6a505d15313427ffff2dff04ab85cf7d2d387f3ffa43bce0e4a74beaf110e1

  • SHA512

    a96c287b191431693a60903426a211786dcc28962ef0c7e1b749f047d67a4fb9b9a54b89f55d287e0a7ea33d6279745fd0b1b6b2ec7a2d08cdd3f1b6730e35c3

  • SSDEEP

    49152:VoXYiVIj11zpXVLuuK/wRPBU0aD5EjN9aLDdIHNm7Gplk1oG:VobypXO7EKLRItmKG

Score
10/10

Malware Config

Extracted

Family

aurora

C2

94.142.138.71:35774

Targets

    • Target

      tmp

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic               Technique                     ID      Count
  Credential Access    Credentials in Files          T1081   2
  Discovery            System Information Discovery  T1082   1
  Collection           Data from Local System        T1005   2
