aurora | 323bbb21d1a1fbecfbce6cb23eef2c63435021839a010430bd789bc43b710c25 | Triage

Sharing

General

Target

323bbb21d1a1fbecfbce6cb23eef2c63435021839a010430bd789bc43b710c25N
Size

5.3MB
Sample

241013-pl59eswemg
MD5

a565ef9dfe6cfa68934fc9a8f3e9e480
SHA1

f28b37efb28e4316db1f592208cc6e4aca335ac2
SHA256

323bbb21d1a1fbecfbce6cb23eef2c63435021839a010430bd789bc43b710c25
SHA512

11ad1e18624cea0d762346ff3ee762778618188f5834e4c4243b9c32c5587349f047fbe1f714d74825b3a08b8e1d5b1f5104152fbc701baa514a406f915cb78f
SSDEEP

98304:ByIwfYjs/pKO+6PbFmS3VjVEOeTtJaAbLECnrZXJT7W:BaEs/bFmS3VjVEOeTtJHbdnrz7

Score

10^/10

aurora discovery stealer

Malware Config

Extracted

Family

aurora

C2

217.195.155.154:8081

Targets

- Target
  
  323bbb21d1a1fbecfbce6cb23eef2c63435021839a010430bd789bc43b710c25N
- Size
  
  5.3MB
- MD5
  
  a565ef9dfe6cfa68934fc9a8f3e9e480
- SHA1
  
  f28b37efb28e4316db1f592208cc6e4aca335ac2
- SHA256
  
  323bbb21d1a1fbecfbce6cb23eef2c63435021839a010430bd789bc43b710c25
- SHA512
  
  11ad1e18624cea0d762346ff3ee762778618188f5834e4c4243b9c32c5587349f047fbe1f714d74825b3a08b8e1d5b1f5104152fbc701baa514a406f915cb78f
- SSDEEP
  
  98304:ByIwfYjs/pKO+6PbFmS3VjVEOeTtJaAbLECnrZXJT7W:BaEs/bFmS3VjVEOeTtJHbdnrz7
Score

10^/10

aurora discovery stealer
- Aurora
  Aurora is a crypto wallet stealer written in Golang.
  stealer aurora
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

auroradiscoverystealer

behavioral2

auroradiscoverystealer