General
Target: uni2.exe
Size: 3.0MB
Sample: 230315-dmwwlabb84
MD5: 7b7f66624ef0b602dc8b5cf5ab0e0cc7
SHA1: 7ce5ff0bc6ed6160b34d110f58c4e3b3131b6471
SHA256: 417aee1f9b38131b40df67ca5ade203e6e45fb3b2928ba209ef2afacc3d6d8fe
SHA512: 622a202c7ad573c7f6d98905b7b4edeb8e0084d069e3943fbfc03046df5f19fe48e48aeda4f8c396a8a79fa85f136720cc3312c8a8cb6564a9928a76fe1f4e8d
SSDEEP: 49152:n2F3dmZsmanH2CXOwjygvaBsLFA8pHht8k1r:aPmEjpLO8pZ
Behavioral task
behavioral1
Sample: uni2.exe
Resource: win7-20230220-en
Malware Config
Extracted
aurora
79.137.204.106:8081
Targets
Accesses cryptocurrency files/wallets, possible credential harvesting