050c553c3b8f7118ff349e8cb7c425079450388a33b57c83d28cfa0f5e5e21bc | Triage

Sharing

General

Target

Aurora [by GodsExploits].zip
Size

8.3MB
Sample

240221-gd1d7scb8t
MD5

a0772b82261f4709fcd84bad578261bb
SHA1

f41f43aaabb6f4babe4da904dc51785420d0ee24
SHA256

050c553c3b8f7118ff349e8cb7c425079450388a33b57c83d28cfa0f5e5e21bc
SHA512

274f83a7466a670b752d741f66f4cfdf33edf133518eb6b7143847a975e3292057a4f6cc52531108d8fa4e7ca4fc8857b43b02573766497866de25202ebc8b25
SSDEEP

196608:zi81bD+OCmYWUCH0NJgjEfW31LUKP5UNkoIMyIWWxH0KyzO:eKbCoWa8gjV3RUKCNK2Vyy

Score

9^/10

cryptone packer spyware

Malware Config

Targets

- Target
  
  Aurora/Aurora.exe
- Size
  
  1.9MB
- MD5
  
  9c927e0518912c1fd2239b91f934f981
- SHA1
  
  67cc0c7ca7ebef409dcd7c069c91f1b7a631213e
- SHA256
  
  bf71a9c4389f5cae7a52782889b61b22efb70c5150d2e4288c3bd9cce720fd13
- SHA512
  
  c4a6ea2a2308c649901f4a895c747efd60f8d5325e3ffe6b6387d06041013eb542b780c5281ae6beee38d1d25c3b079d49b9abc835641684b256ad40d3c89001
- SSDEEP
  
  24576:mTHjsbvemd2l+QU1e2B5KZxDvAR+MWwY:mTHwC+Qh2BoIQM
Score

7^/10

spyware
- Drops startup file
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Aurora/scripts/scripts.dll
- Size
  
  18.7MB
- MD5
  
  88fd7dbf04bcf75123d02009aea3f7f7
- SHA1
  
  cecf16bdad71e54afc941179ea2b7438a04efa1d
- SHA256
  
  01481b9a862936fbc090bda4033f22d7ffa5a7bfe5dc32f47c7794332b34eec4
- SHA512
  
  2c6298b5adf91b51f0042d48e0846f5b196d52a588fd4fc577bf19ec26ad8e547382279a15f8bf131b08b0d7c140534aff25f82d5e8998818b812e72c9493917
- SSDEEP
  
  393216:hqA/D2IIyzg8DolBo6i0KoI6Di42sC1/syU3DXNs6hq8:hqcaZyV0fC1JOpjhq8
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4