Overview

overview

10

Static

static

1

193cec31ea...f4.exe

windows7-x64

1

193cec31ea...f4.exe

windows10-1703-x64

10

193cec31ea...f4.exe

windows10-2004-x64

10

193cec31ea...f4.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    19098235267.zip

  • Size

    3.7MB

  • Sample

    240923-x2rpzayclr

  • MD5

    810766a9b6be428f44b37ecf948cf2ef

  • SHA1

    e96a21db8294ae39f7dce55bf767affc91f8a29f

  • SHA256

    ee33979f5739cd60124008f0a01e6e015d71e1cc38a6dff8ad5f8384931c5c05

  • SHA512

    736beebef03753ce9b7394f143a2ac9abb560ae4d6e1986cd859c2af9dc0c37d2d9d2ab37c6edcb4f36bafb4449ef7c0b221b3028dc5ed81a05fa543bd719b75

  • SSDEEP

    98304:N3IM8q0EK+gSmjjP6kbIstv1BE0o4YXdWt9zbhZj0:Rl0E8f6Q/BCTXdk9XTj0

Score
10/10
aurorastealer

Malware Config

Extracted

Family

aurora

C2

103.195.103.54:443

Targets

    • Target

      193cec31ea298103fe55164ff6270a2adf70248b3a4d05127414d6981f72cef4

    • Size

      5.0MB

    • MD5

      01011596b39a495d1e900e8661f4112c

    • SHA1

      90ba9a27571314c95916d49c6606f9c9cb8279cb

    • SHA256

      193cec31ea298103fe55164ff6270a2adf70248b3a4d05127414d6981f72cef4

    • SHA512

      9089eb058acd15e61d9fd004562323174123f4be02ca2fa20f93b2f15248caf3666cbfef03e1f6cb1ed27fe94303c15fde3be855e1e9c0e30c71380533b05c91

    • SSDEEP

      98304:b3R5aDBvoNaQFFWUxaMZo5/630UK+wpA3dPLGqa:t5Ovo74Uxa7ewi3JVa

    Score
    10/10
    aurorastealer

    • Aurora

      Aurora is a crypto wallet stealer written in Golang.

      stealeraurora

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks