aurora | fae6a8d4f7ef452898971e3aa6b3577d1fb3ee47e97cb90b999691d668e72789 | Triage

Resubmissions

26-06-2023 16:24

230626-twftqsbc8w 10

26-06-2023 16:18

230626-tr4d8sad75 10

Sharing

General

Target

fae6a8d4f7ef452898971e3aa6b3577d1fb3ee47e97cb90b999691d668e72789
Size

260.4MB
Sample

230626-twftqsbc8w
MD5

16b349b80ef9e6d6a86e768b4e01fc4c
SHA1

7057d56fb70d2009aff15058edd2dfc819b6810b
SHA256

fae6a8d4f7ef452898971e3aa6b3577d1fb3ee47e97cb90b999691d668e72789
SHA512

de6a4ef3d5c138bd29edd2d361afacd11babb44023e1ad82f8753ff9d7f876c5c74efdfdb0e36abf2967ba6e85d8172640cc492f014e0846ea464277c38cf92e
SSDEEP

49152:Tp8I6lkSA+4oCpowncH5P4685fP5q8+58Yu9hn59KZkaQpJUb202F1p8:TX6llA3ohoKkL9zJU

Score

10^/10

aurora spyware stealer

Malware Config

Extracted

Family

aurora

C2

185.106.93.245:8081

Targets

- Target
  
  fae6a8d4f7ef452898971e3aa6b3577d1fb3ee47e97cb90b999691d668e72789
- Size
  
  260.4MB
- MD5
  
  16b349b80ef9e6d6a86e768b4e01fc4c
- SHA1
  
  7057d56fb70d2009aff15058edd2dfc819b6810b
- SHA256
  
  fae6a8d4f7ef452898971e3aa6b3577d1fb3ee47e97cb90b999691d668e72789
- SHA512
  
  de6a4ef3d5c138bd29edd2d361afacd11babb44023e1ad82f8753ff9d7f876c5c74efdfdb0e36abf2967ba6e85d8172640cc492f014e0846ea464277c38cf92e
- SSDEEP
  
  49152:Tp8I6lkSA+4oCpowncH5P4685fP5q8+58Yu9hn59KZkaQpJUb202F1p8:TX6llA3ohoKkL9zJU
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2