aurora | 25de8115259ef71ff2c430e9d2e886dd201c810f1743f246d45b1e47a3ada9a1 | Triage

Sharing

General

Target

25de8115259ef71ff2c430e9d2e886dd201c810f1743f246d45b1e47a3ada9a1
Size

4.8MB
Sample

230824-dva9vshf24
MD5

1abe49aa8126a6ba8ace5ca885a4cdc9
SHA1

0cfff8b58cd48ccaf196a05a880169123a25fd87
SHA256

25de8115259ef71ff2c430e9d2e886dd201c810f1743f246d45b1e47a3ada9a1
SHA512

192b652ca960d40040cf8580234db2a891a4230d61e30059b5a37ea2798fa4d2847857a31c7aeea2f76d3471b10156270023ce53204b81a9dfc07fdb23d4c3a5
SSDEEP

98304:efxlJ5R+2VxxWWWFw2FEXj+QonBgXpos6Ip/iGuBMHHiPHJWn1yp0:2BdxxsFwWEz+QoBgViGuBn76

Score

10^/10

aurora stealer

Malware Config

Extracted

Family

aurora

C2

45.15.156.70:8081

Targets

- Target
  
  25de8115259ef71ff2c430e9d2e886dd201c810f1743f246d45b1e47a3ada9a1
- Size
  
  4.8MB
- MD5
  
  1abe49aa8126a6ba8ace5ca885a4cdc9
- SHA1
  
  0cfff8b58cd48ccaf196a05a880169123a25fd87
- SHA256
  
  25de8115259ef71ff2c430e9d2e886dd201c810f1743f246d45b1e47a3ada9a1
- SHA512
  
  192b652ca960d40040cf8580234db2a891a4230d61e30059b5a37ea2798fa4d2847857a31c7aeea2f76d3471b10156270023ce53204b81a9dfc07fdb23d4c3a5
- SSDEEP
  
  98304:efxlJ5R+2VxxWWWFw2FEXj+QonBgXpos6Ip/iGuBMHHiPHJWn1yp0:2BdxxsFwWEz+QoBgViGuBn76
Score

10^/10

aurora stealer
- Aurora
  Aurora is a crypto wallet stealer written in Golang.
  stealer aurora
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2