aurora | 9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf
Size

5.0MB
Sample

230316-tt4ssaea8t
MD5

4f253477a36850490e31add375d9cdad
SHA1

0bbd876a81e43746595da1b71285ef6978ceb162
SHA256

9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf
SHA512

c3fd8354070103f423b937f0dbe8d4a1285494ea14e4a5748b4b9936d019a4b38dd65d447a3471a8ba41f21275c33800e756666c9ba450276c7cd0f7b420b8b8
SSDEEP

98304:UJbMKqBTZlgY5FlcBfclcPi7LO049CDZe:MMKslMBfcc67LrHD8

Score

10^/10

aurora spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf.exe

Resource

win10-20230220-en

aurora spyware stealer

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

aurora

C2

138.201.198.8:8081

Targets

- Target
  
  9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf
- Size
  
  5.0MB
- MD5
  
  4f253477a36850490e31add375d9cdad
- SHA1
  
  0bbd876a81e43746595da1b71285ef6978ceb162
- SHA256
  
  9d46f656238d21c07a1d280b8a23171d05ae87dbb136d4c0efefa578132058cf
- SHA512
  
  c3fd8354070103f423b937f0dbe8d4a1285494ea14e4a5748b4b9936d019a4b38dd65d447a3471a8ba41f21275c33800e756666c9ba450276c7cd0f7b420b8b8
- SSDEEP
  
  98304:UJbMKqBTZlgY5FlcBfclcPi7LO049CDZe:MMKslMBfcc67LrHD8
Score

10^/10

aurora spyware stealer
- Aurora
  Aurora is a crypto wallet stealer written in Golang.
  stealer aurora
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

auroraspywarestealer

© 2018-2024

Terms | Privacy