General
Target: Sys.exe
Size: 3.1MB
Sample: 230414-t3e6sacb91
MD5: 0a9bb4228adb9813ac9f7b576c3918fb
SHA1: 6c98dcb3d2e1a07d5175cbe8165dc197b7f8852f
SHA256: 3468c15da3569fbe23e815cba22abf1b8b26a7fa3300ed44502fdd31cd120568
SHA512: db30b2a72e7ed10d85ba8e750996c7e3ecc5761a39ca2f1b156ca064320c40d2fea66cc581cfe378b0cbdb29155cf69c48fe0c1478591933083280c5d52c610b
SSDEEP: 49152:bG3iK3tnG69fEERaIrCzRlXkaLZsLaN8cxnk5Yk1mqq:d+dG0rrCdlXELO8Cqq
Behavioral task: behavioral1
Sample: Sys.exe
Resource: win7-20230220-en
Malware Config
Extracted
aurora
104.248.91.138:8081
Targets
Target: Sys.exe
Accesses cryptocurrency files/wallets, possible credential harvesting