Overview

overview

10

Static

static

10

e38edcf41b...83.exe

windows7-x64

10

e38edcf41b...83.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e38edcf41b7b13dc8837e030774cf083.exe

  • Size

    9.6MB

  • Sample

    230325-razcvafa91

  • MD5

    e38edcf41b7b13dc8837e030774cf083

  • SHA1

    1ed5f18fbc105fd177129f594d63e3297654acff

  • SHA256

    9e83c3a822bc5253e9b5047fd2ee19abce885852db7afcb70d9b76fc470f69bc

  • SHA512

    17021db0c40c5068c1df61e3682cd967fec74a76e661d5967b3950d2a0f2a3a64ea15abcfd21b89223fb541d3561172a0dbdcc2a63694996518e0fde8ced1080

  • SSDEEP

    196608:JGujuxvOMsHXVCFzaixl/CcHsjGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG:JXdP3VC9CcMjGGGGGGGGGGGGGGGGGGGi

Score
10/10
aurorastealer

Malware Config

Extracted

Family

aurora

C2

94.142.138.215:8081

Targets

    • Target

      e38edcf41b7b13dc8837e030774cf083.exe

    • Size

      9.6MB

    • MD5

      e38edcf41b7b13dc8837e030774cf083

    • SHA1

      1ed5f18fbc105fd177129f594d63e3297654acff

    • SHA256

      9e83c3a822bc5253e9b5047fd2ee19abce885852db7afcb70d9b76fc470f69bc

    • SHA512

      17021db0c40c5068c1df61e3682cd967fec74a76e661d5967b3950d2a0f2a3a64ea15abcfd21b89223fb541d3561172a0dbdcc2a63694996518e0fde8ced1080

    • SSDEEP

      196608:JGujuxvOMsHXVCFzaixl/CcHsjGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG:JXdP3VC9CcMjGGGGGGGGGGGGGGGGGGGi

    Score
    10/10
    aurorastealer

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

      stealeraurora

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks