General
Target
60f5cf24370600410d431405a2af891db1e19396a73d437b33f2e9c01e9fb27e.zip
Size
4.1MB
Sample
230321-rvz5wada7t
MD5
36b2cdb4643c543d23649d83ed4a7b71
SHA1
328d53f2c0b83cd8e092f761aa935119a4dcf781
SHA256
9e82f4feac500f219662c11c5036343cccd46f8ff3133f6ff2dfddf2f3946270
SHA512
0924747f9b5f526612729c25bbc624f7319ad74e638e197d3937caaea1e618c68e73551e5d989be13b01bcb47dd5f01db42a546ddeec04889528454ffea630f1
SSDEEP
98304:0s5ZIOn/hUNjXqy7mmUTgpTw+u2gg7k1AtNseIdIpr5knF:t5vZQBKPk1wLgrXstorqnF
Static task
static1
Behavioral task
behavioral1
Sample
60f5cf24370600410d431405a2af891db1e19396a73d437b33f2e9c01e9fb27e.exe
Resource
win7-20230220-en
Malware Config
Extracted
aurora
45.15.156.172:8081
Targets
Target
60f5cf24370600410d431405a2af891db1e19396a73d437b33f2e9c01e9fb27e.exe
Size
7.5MB
MD5
1431d295525534f244dd34a8a311b87f
SHA1
2d0d2190ed780bf8dfed135bd1d12cae53860ebe
SHA256
60f5cf24370600410d431405a2af891db1e19396a73d437b33f2e9c01e9fb27e
SHA512
dd7085d43c12c1c7d59be73e66e5797966f7310fdd40ff2979fc770fa6fb5164484661fdfa7b73f8fc7a2dac32a452683f021e56fa4b1135bbbb9d140794ee02
SSDEEP
24576:2H5qGTyaJEUcmADwRqPACrUJJiILBCR5LpWKMuy1rnwNnNQx/PEEDnpfuZWI9pIx:4qGTyMEQADwwACagk+lKo83Vz1
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext