General
-
Target
2e5260973969192f9cc166487adb128832e22f2752b176359c51264a6e5d7faa
-
Size
2.4MB
-
Sample
230315-ck8lyach5y
-
MD5
5343b3beaadd15a14319e4b21dc68077
-
SHA1
6d8b2b4c9418d882fb10ea958d5e5f281a14396b
-
SHA256
2e5260973969192f9cc166487adb128832e22f2752b176359c51264a6e5d7faa
-
SHA512
2ea3cc32b56eff42298772ac90eb26b6de98ec3c3bb183b2c1d8bbcc4c5c68877b32268b80e00ef9d4779a0c30b765f8a8bf345ef45e863b9fc2a04f5c79ab3f
-
SSDEEP
49152:GAE84ts1AF+Asb9wya6uAdaOebmDhEbhQzfnXIqWur2h7bwKPG9T9s:wwb9wya6uAdKmDhEbufnYVur2qKAs
Static task
static1
Malware Config
Extracted
aurora
92.119.231.161:8081
Targets
-
-
Target
2e5260973969192f9cc166487adb128832e22f2752b176359c51264a6e5d7faa
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-