aurora | 2f8afa5c2e8c5904f07fb09b4196bdf33a31f4fe9eb62c9774c59500e16675d9 | Triage

Sharing

General

Target

3092939bde0ec7e9306daeb85977ba60N.exe
Size

4.9MB
Sample

240716-3pj29ayejc
MD5

3092939bde0ec7e9306daeb85977ba60
SHA1

54b2284e4834f33428061119574dd178f97932dc
SHA256

2f8afa5c2e8c5904f07fb09b4196bdf33a31f4fe9eb62c9774c59500e16675d9
SHA512

6475c8764d25a3659aa6ac27c9b5f83b09849bb2bd073041d7a1b5fd8474308829a620ed1a6c820f0e1e098bac14d32b046bff5af0058e421782f6d8669a1406
SSDEEP

49152:gexu0GaRHcIef7bVn/XJqmzXplalRkNP4a5wUKCf96Cwsu5o4aELTw4F0ah9gO+Y:zYYeXJJYnkNw8wTZssiahIMr

Score

10^/10

aurora stealer

Malware Config

Extracted

Family

aurora

C2

45.132.106.77:8081

Targets

- Target
  
  3092939bde0ec7e9306daeb85977ba60N.exe
- Size
  
  4.9MB
- MD5
  
  3092939bde0ec7e9306daeb85977ba60
- SHA1
  
  54b2284e4834f33428061119574dd178f97932dc
- SHA256
  
  2f8afa5c2e8c5904f07fb09b4196bdf33a31f4fe9eb62c9774c59500e16675d9
- SHA512
  
  6475c8764d25a3659aa6ac27c9b5f83b09849bb2bd073041d7a1b5fd8474308829a620ed1a6c820f0e1e098bac14d32b046bff5af0058e421782f6d8669a1406
- SSDEEP
  
  49152:gexu0GaRHcIef7bVn/XJqmzXplalRkNP4a5wUKCf96Cwsu5o4aELTw4F0ah9gO+Y:zYYeXJJYnkNw8wTZssiahIMr
Score

10^/10

aurora stealer
- Aurora
  Aurora is a crypto wallet stealer written in Golang.
  stealer aurora
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2