aurora | a7e18f8334187302d07b411518c03f7b472b7ba17751e6f5d239541105aedd36 | Triage

Sharing

General

Target

0x000600000002316e-145.dat
Size

3.0MB
Sample

230316-vktf5aca27
MD5

a22f4f4fd882dc77ae4adcf180d34f1a
SHA1

b630ffa68e2fe05f60dec473368354e8c07a53c5
SHA256

a7e18f8334187302d07b411518c03f7b472b7ba17751e6f5d239541105aedd36
SHA512

1f1e5cb83dc8b95630702faea3107ffd6929dcbad1b30b5b7d77d5b7284d883a60fac0d802e7b9b624b45ee0362af08d5d8426b5d010e0f71cc1bd01c46a329e
SSDEEP

49152:KGX3o2lDES/ed3+XMxfE36PalsLFA8ppBnVIk1o:goELE+LO8pTA

Score

10^/10

aurora spyware stealer

Malware Config

Targets

- Target
  
  0x000600000002316e-145.dat
- Size
  
  3.0MB
- MD5
  
  a22f4f4fd882dc77ae4adcf180d34f1a
- SHA1
  
  b630ffa68e2fe05f60dec473368354e8c07a53c5
- SHA256
  
  a7e18f8334187302d07b411518c03f7b472b7ba17751e6f5d239541105aedd36
- SHA512
  
  1f1e5cb83dc8b95630702faea3107ffd6929dcbad1b30b5b7d77d5b7284d883a60fac0d802e7b9b624b45ee0362af08d5d8426b5d010e0f71cc1bd01c46a329e
- SSDEEP
  
  49152:KGX3o2lDES/ed3+XMxfE36PalsLFA8ppBnVIk1o:goELE+LO8pTA
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2