aurora | d6f44fe93007cc181b734b5fd43c345c[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

d6f44fe930...5c.exe

windows7-x64

d6f44fe930...5c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d6f44fe93007cc181b734b5fd43c345c.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6f44fe93007cc181b734b5fd43c345c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d6f44fe93007cc181b734b5fd43c345c.exe
Size

3.2MB
MD5

d6f44fe93007cc181b734b5fd43c345c
SHA1

5fd609ec371967b55a72dc9c3a209d24c6bd8cc8
SHA256

9dc9e74c8ce9558d9df383216ef18ca7399bd36af218be5f7f5666e550e7071f
SHA512

0e0e2a2ce5415af311fc398095d461a75f4c67d095e88100ea72d266224b584434f4f7ed69888efeadd0d46aa1d82e4fd4230a80c842f17e17f8e6adce286877
SSDEEP

49152:zTgIhey24XJSastfjXNTpGktKDJ3MgmxeKhIAP8hpcmaAtWJUL:zLheL4XJIFjghAPZJUL

Score

10^/10

aurora

Malware Config

Extracted

Family

aurora

C2

95.217.193.56:8081

Signatures

Aurora family
aurora

Files

d6f44fe93007cc181b734b5fd43c345c.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 218KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy