General

Target: Aura.zip
Size: 55.7MB
Sample: 240707-dbywtasall
MD5: fb26d96e2c201d8d5450885315a0bf6b
SHA1: fb85ef8d5a04bf9e3de58aae46a8969698a6914d
SHA256: d6f82672effc3953b496924547d4a165bd3838a30235bc4116abae63cfc04391
SHA512: 50e503794c95534082e205370460167e22928d6023b4c94712a3d1ff7b147f0a56547bcd821dc8fc2fd11ef5d9edf110271ec6708d5bd4f6901526fe159ea65e
SSDEEP: 1572864:pc6X6iokYuTzQtdeEzEsEFA0HD5ZqMuWIjPPzr5C:ZqioR0z8gfVdVuWAHzE
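
As an added example that is not part of the sandbox report: a Python helper that hashes a local copy of the sample in a single pass over the file and compares the result with the digests recorded above. The digests in REPORTED are copied from this page; the file path, chunk size and the command-line usage are assumptions. SSDEEP is deliberately not computed, since it needs the third-party ssdeep module rather than the standard library.

```python
import hashlib
import io
import sys

# Digests of Aura.zip exactly as recorded in the report above.
REPORTED = {
    "md5": "fb26d96e2c201d8d5450885315a0bf6b",
    "sha1": "fb85ef8d5a04bf9e3de58aae46a8969698a6914d",
    "sha256": "d6f82672effc3953b496924547d4a165bd3838a30235bc4116abae63cfc04391",
    "sha512": "50e503794c95534082e205370460167e22928d6023b4c94712a3d1ff7b147f0a"
              "56547bcd821dc8fc2fd11ef5d9edf110271ec6708d5bd4f6901526fe159ea65e",
}

# Algorithms the report lists that hashlib can produce (ssdeep is not one of them).
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(fileobj, chunk_size=1 << 20):
    """Read the file once and feed every hasher from the same chunks.

    chunk_size (1 MiB) is an assumption; it keeps memory flat for a 55.7MB archive.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Convenience wrapper for in-memory data (used for testing the helper)."""
    return digest_stream(io.BytesIO(data))


def verify(computed, reported):
    """Compare computed digests with reported ones.

    Reported values are normalised (case, surrounding whitespace) because they are
    usually pasted from a web page. Returns a list of (algorithm, got, expected)
    tuples; an empty list means every reported digest matched.
    """
    mismatches = []
    for name, expected in reported.items():
        name = name.lower()
        expected = expected.strip().lower()
        got = computed.get(name)
        if got is None:
            continue  # algorithm not computed, nothing to compare
        if got != expected:
            mismatches.append((name, got, expected))
    return mismatches


def verify_file(path, reported=REPORTED):
    with open(path, "rb") as f:
        return verify(digest_stream(f), reported)


if __name__ == "__main__":
    # Assumed usage: python verify_sample.py /path/to/Aura.zip
    problems = verify_file(sys.argv[1])
    if problems:
        for algo, got, expected in problems:
            print(f"{algo}: got {got}, report says {expected}")
        sys.exit(1)
    print("all recorded digests match")
```

Run it against the archive before unpacking anything; a mismatch on any one algorithm means the file on disk is not the sample the report describes, regardless of how many of the other digests agree.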
Static task: static1
Behavioral task: behavioral1
Sample: Aura/Aura.exe
Resource: win7-20240704-en

Malware Config

Extracted: lumma
https://bargainnykwo.shop/api
Targets

Target: Aura/Aura.exe
Size: 533KB
MD5: 106261b3414a009549eecb0dfa8eb52b
SHA1: 0c40118dea5b6071c68811887a1e88615f6e02ec
SHA256: dea98a88803caf3843401d91cbd22be0412b3d22393ee50a9a08efd34052a083
SHA512: e4ccd6c7369aa124c227ca051a34a1d7058838c24af606031c6bb851c913f76cb35c886b54a0c25900239e85e19456245df3b60e52e3827e1be672ba5af544e9
SSDEEP: 12288:SVRaZCLIN5/0Qji5gkJSwvzjOi2B+l3hayppyhOEO:SVEEL08Qjie8/LSi2gRhabYt

- Downloads MZ/PE file
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext
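
The signature hits above name behaviours, not the logic that fires on them. As an added example (not part of the report, and not the sandbox's own rules), the Python below models three of them as detections over a constructed API/registry trace: enumeration of Uninstall subkeys by one process, the suspended-process / WriteProcessMemory / SetThreadContext / ResumeThread sequence that process hollowing produces and that a SetThreadContext hit usually points at, and execution of a file the same process just wrote (a dropped EXE). The trace format, process names, PIDs, paths and the threshold of three distinct subkeys are all assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed trace, one event per line: timestamp|pid|image|api|detail
# The process names, PIDs, paths and GUID are invented for this example and
# are not taken from the sandbox run described in the report.
SAMPLE_TRACE = r"""
10:00:01|4120|Aura.exe|RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
10:00:01|4120|Aura.exe|RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
10:00:01|4120|Aura.exe|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
10:00:01|4120|Aura.exe|RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 127.0 (x64 en-US)
10:00:01|4120|Aura.exe|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 127.0 (x64 en-US)\DisplayVersion
10:00:01|4120|Aura.exe|RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216020FF}
10:00:01|4120|Aura.exe|RegQueryValueExW|HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
10:00:02|4120|Aura.exe|WriteFile|path=C:\Users\Admin\AppData\Local\Temp\upd.exe size=0x8a000
10:00:02|4120|Aura.exe|CreateProcessW|image=C:\Users\Admin\AppData\Local\Temp\upd.exe flags=0 target_pid=5100
10:00:03|4120|Aura.exe|CreateProcessW|image=C:\Windows\explorer.exe flags=CREATE_SUSPENDED target_pid=5208
10:00:03|4120|Aura.exe|WriteProcessMemory|target_pid=5208 size=0x4c000
10:00:03|4120|Aura.exe|SetThreadContext|target_pid=5208
10:00:03|4120|Aura.exe|ResumeThread|target_pid=5208
10:00:04|2288|msiexec.exe|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216020FF}\DisplayName
10:00:05|7000|devenv.exe|SetThreadContext|target_pid=7100
"""

# Matches the subkey directly under any ...\CurrentVersion\Uninstall hive
# (HKLM, HKCU and Wow6432Node alike); the bare Uninstall key itself does not match.
UNINSTALL_RE = re.compile(r"\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)
# key=value pairs in the detail field; values must not contain spaces (assumed format).
KV_RE = re.compile(r"(\w+)=(\S+)")
ENUM_THRESHOLD = 3  # distinct Uninstall subkeys per process before we flag (assumption)


def parse(text):
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, pid, image, api, detail = line.split("|", 4)
        events.append({"ts": ts, "pid": int(pid), "image": image, "api": api, "detail": detail})
    return events


def detect_uninstall_enum(events, threshold=ENUM_THRESHOLD):
    """Flag processes touching >= threshold distinct Uninstall subkeys (software inventory)."""
    seen = defaultdict(set)
    for e in events:
        if not e["api"].startswith("Reg"):
            continue
        m = UNINSTALL_RE.search(e["detail"])
        if m:
            seen[(e["pid"], e["image"])].add(m.group(1).lower())
    return [(pid, image, len(keys)) for (pid, image), keys in seen.items() if len(keys) >= threshold]


def detect_hollowing(events):
    """Per (source, target) pair, require the ordered stages of process hollowing:
    CreateProcess with CREATE_SUSPENDED -> WriteProcessMemory -> SetThreadContext -> ResumeThread.
    A lone SetThreadContext (debuggers do this) does not fire."""
    stage = defaultdict(set)
    hits = []
    for e in events:
        kv = dict(KV_RE.findall(e["detail"]))
        target = kv.get("target_pid")
        if target is None:
            continue
        s = stage[(e["pid"], e["image"], int(target))]
        api = e["api"]
        if api.startswith("CreateProcess") and "CREATE_SUSPENDED" in kv.get("flags", ""):
            s.add("suspended")
        elif api == "WriteProcessMemory" and "suspended" in s:
            s.add("written")
        elif api == "SetThreadContext" and "written" in s:
            s.add("context")
        elif api == "ResumeThread" and "context" in s:
            hits.append((e["pid"], e["image"], int(target)))
    return hits


def detect_dropped_exe(events):
    """Flag a process that launches an image it wrote to disk earlier in the trace."""
    written = defaultdict(set)
    hits = []
    for e in events:
        kv = dict(KV_RE.findall(e["detail"]))
        if e["api"] == "WriteFile" and "path" in kv:
            written[e["pid"]].add(kv["path"].lower())
        elif e["api"].startswith("CreateProcess") and kv.get("image", "").lower() in written[e["pid"]]:
            hits.append((e["pid"], e["image"], kv["image"]))
    return hits


def analyze(text):
    events = parse(text)
    return {
        "uninstall_enum": detect_uninstall_enum(events),
        "process_hollowing": detect_hollowing(events),
        "dropped_exe": detect_dropped_exe(events),
    }


if __name__ == "__main__":
    for name, hits in analyze(SAMPLE_TRACE).items():
        print(name, hits)
```

The ordering in detect_hollowing is what keeps the false-positive rate down: msiexec.exe reading one Uninstall value and devenv.exe calling SetThreadContext on a debuggee are both legitimate and neither reaches the flagged state, while Aura.exe trips all three detections.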