General

  • Target

    file.exe

  • Size

    4.4MB

  • Sample

    230308-qv874sdh9y

  • MD5

    15d1bdb5f6e3267b936b401485897479

  • SHA1

    f9f1c88d6d1e929a42c15dc3c0c0afefbe42544d

  • SHA256

    48392e0c0969580a9eaa9fa882b543b319ea08e6492d3a6819bc0c5b64d78396

  • SHA512

    e941ad9a9fddf0dd4a0d3d0bd2b02f55e2a3361de6ce9bcc674e4bb33d82c59a4519e5cf2d90e2d422ab3f860247a8c78abd715b3ceaecbc5b013be0e42812ac

  • SSDEEP

    49152:C2sQ8R/u6S/gPV4PW/vlLr8EdiITRf+EGg7dH1CaSo5qTk6k1lFAw8A7/eFwjDr9:CfQM/fSoPFNLQg1UTOWw8a0cDAOn

Score
10/10

Malware Config

Extracted

Family

aurora

C2

212.87.204.93:8081

Targets

    • Target

      file.exe

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 2

  • Collection

    Data from Local System (T1005): 2

Tasks