aurora | 4732-208-0x0000000000550000-0x0000000001345000-memory[.]dmp

Sharing

Copy URL

Twitter E-mail

General

Target

4732-208-0x0000000000550000-0x0000000001345000-memory.dmp
Size

14.0MB
MD5

d15e0a196e92d4712869809dbdcc22af
SHA1

f3bc40bee324a11eb3d0cbb064e4b5da7f241630
SHA256

e7be9208c03eeee575c228c1d69b64aba94ab06c81b2adb98bbfab9949bf85a4
SHA512

aae4fd58d42e4676ae81179fb6cd2ed56a22c3a897b1d83d1a9120d459a896fa570ce839f043824b19b9c4dcafdcf28a41e207691ad8942550f1e988e57c3469
SSDEEP

196608:IvIsM+yYsVRbnI5lgWNkiTutncG+z9W/KlzBascBYk5PM:JsoxbIPpkJcGCBuLPM

Score

10^/10

aurora

Malware Config

Extracted

Family

aurora

94.142.138.30:8081

Signatures

Aurora family
aurora

Files

4732-208-0x0000000000550000-0x0000000001345000-memory.dmp
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 697KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.H[S
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.symtab
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ

.>Ox
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.;<U
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.f6f
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 1.3MB

.data Size: - Virtual size: 697KB

.idata Size: - Virtual size: 1KB

.H[S Size: - Virtual size: 27KB

.symtab Size: - Virtual size: 4B

.>Ox Size: - Virtual size: 3.3MB

.;<U Size: 2KB - Virtual size: 1KB

.f6f Size: 6.8MB - Virtual size: 6.8MB

.reloc Size: 512B - Virtual size: 168B

.rsrc Size: 398KB - Virtual size: 397KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 1.3MB

.data
Size: - Virtual size: 697KB

.idata
Size: - Virtual size: 1KB

.H[S
Size: - Virtual size: 27KB

.symtab
Size: - Virtual size: 4B

.>Ox
Size: - Virtual size: 3.3MB

.;<U
Size: 2KB - Virtual size: 1KB

.f6f
Size: 6.8MB - Virtual size: 6.8MB

.reloc
Size: 512B - Virtual size: 168B

.rsrc
Size: 398KB - Virtual size: 397KB