aurora | c6ac37ecc79400cf18c368318d7d06acaa01da055400867b85849b3622d2381c | Triage

Submit
Reports

Overview

overview

Static

static

1

XOVLAUNCHER.rar

windows10-1703-x64

Sharing

General

Target

XOVLAUNCHER.rar
Size

1.5MB
Sample

240829-xml6yawdpf
MD5

756829ec0d4d18d94f16c4a96a085a93
SHA1

9f969e7e7f8af031a3436f4f017010488177bc71
SHA256

c6ac37ecc79400cf18c368318d7d06acaa01da055400867b85849b3622d2381c
SHA512

b04836e28158336c4e8482ef3e03d2e7dbaba61d8c97d4280dc1c13bd23c2fadc2090673f6a3bcb851dba918e892596dcfef408ced0c2b966ba4c280491f787e
SSDEEP

24576:Ccm8v+tBIz8VazDOL6cUQXYp7jfgaMHsgLJbzEjqq+N9wFkOm2ONLV+cT55qFuWb:CtI/DOLpXYyaMZ5moHwINB+cV5qRqMx1

Score

10^/10

aurora stealer

Static task

static1

Behavioral task

behavioral1

Sample

XOVLAUNCHER.rar

Resource

win10-20240611-en

windows10-1703-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

aurora

C2

146.19.24.118:8081

Targets

- Target
  
  XOVLAUNCHER.rar
- Size
  
  1.5MB
- MD5
  
  756829ec0d4d18d94f16c4a96a085a93
- SHA1
  
  9f969e7e7f8af031a3436f4f017010488177bc71
- SHA256
  
  c6ac37ecc79400cf18c368318d7d06acaa01da055400867b85849b3622d2381c
- SHA512
  
  b04836e28158336c4e8482ef3e03d2e7dbaba61d8c97d4280dc1c13bd23c2fadc2090673f6a3bcb851dba918e892596dcfef408ced0c2b966ba4c280491f787e
- SSDEEP
  
  24576:Ccm8v+tBIz8VazDOL6cUQXYp7jfgaMHsgLJbzEjqq+N9wFkOm2ONLV+cT55qFuWb:CtI/DOLpXYyaMZ5moHwINB+cV5qRqMx1
Score

10^/10

aurora stealer
- Aurora
  Aurora is a crypto wallet stealer written in Golang.
  stealer aurora
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy