Overview

overview

10

Static

static

10

Aurora.exe

windows7-x64

10

Aurora.exe

windows10-2004-x64

10

gui/Builder.html

windows7-x64

1

gui/Builder.html

windows10-2004-x64

1

gui/CHECKER.html

windows7-x64

1

gui/CHECKER.html

windows10-2004-x64

1

gui/Dashboard.html

windows7-x64

1

gui/Dashboard.html

windows10-2004-x64

1

gui/Loader.html

windows7-x64

1

gui/Loader.html

windows10-2004-x64

1

gui/SETTINGS.html

windows7-x64

1

gui/SETTINGS.html

windows10-2004-x64

1

gui/assets/docs.js

windows7-x64

1

gui/assets/docs.js

windows10-2004-x64

1

gui/inlog.html

windows7-x64

1

gui/inlog.html

windows10-2004-x64

1

gui/jSnow.js

windows7-x64

1

gui/jSnow.js

windows10-2004-x64

1

gui/jquery.js

windows7-x64

1

gui/jquery.js

windows10-2004-x64

1

resource/R...er.exe

windows7-x64

1

resource/R...er.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    102s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    29-04-2023 16:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gui/CHECKER.html

  • Size

    30KB

  • MD5

    bbda01f4d78932e8716452e5b44c873c

  • SHA1

    8f8059d8a82d7a05e8d03d1e8fc2962d7039b3cf

  • SHA256

    ce8394994ae108d6a0a4fdce1c47afc415a0ff2bf20d7288bf4c0974fd2a4a25

  • SHA512

    27b4d1b2492aa7fc64360bd019df8df222f4941f71862c793836f6dadaa8e1a58f10e011a47605d393a632b0d67af1fcd8e5203622d05cfbcbffb5da9ecd3375

  • SSDEEP

    192:af0JOW/yNBVJbCprc8zHWP89YD8KMn+JnOUnVwnB2nDUn3iKt55uuMNq6p+aUNtd:a3W/0BhTuMxTcEuCM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\gui\CHECKER.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:592

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    867B

    MD5

    c5dfb849ca051355ee2dba1ac33eb028

    SHA1

    d69b561148f01c77c54578c10926df5b856976ad

    SHA256

    cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

    SHA512

    88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e95a68ec399aeb22096ca44e0e175d33

    SHA1

    cab27631e90d5b05bb119a3e2365eaf90b10024e

    SHA256

    1ad5464bf21d86c331ad6064e292260057c218a75c76e1d896b00f0cdd5b51f2

    SHA512

    42c7af5c45ef0857657500498f2d2d659ca8a3fa69641cf57e229344be54d160c59dd946aa8c6537e4106995aaf673bd5358af2534b7639d1c9414fe044dfd28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba1420c66fdc9e1ca021727a5da0a1ff

    SHA1

    bb37cf53ae0e031f44f63d55a0e562c547bd3259

    SHA256

    c88a9d92ec8ac1b30e62dcbfc445c30e78656dbc461dba75b5e286d508ed3d11

    SHA512

    8ece006dd88bbd88c0dd43cf542b1ef5f7b56f641c5ac5c4ec760b98521144f3d6d0b0a7a8458eb108fd65cfd46abf78d887c823de676d89843990afcd9cf422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    097f5035eea2d9543de10da76667a295

    SHA1

    4b4f896a6687510104f66a167ee3bb20308caf32

    SHA256

    a42a26831596eeecd6954f29de45b5d366a063eecf0a8653a4b15a1cc82eb681

    SHA512

    f000a88ac21bb3db7ee9d8b85a459836ecb9cabadcb42f5bd13b9cb4a8cbe61c5df5e648ed102d001f72c480dee8751c98d9fb1e4a01cc440ac31e926905eb76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa3b5a540359a0478782a8372d268dc

    SHA1

    b1da41e99afe9cca7142b320184f6b674ddc8a2b

    SHA256

    7bc922b9ac8203ae4e1a98c46f37856ffd60f25251198b66459d993a32ffcf2e

    SHA512

    107d6aa223c01e10ed0a30aceb0e7a115fe1b84d45de6dfa1413d6f7d053e9298f62607b6ab9b3c54596bc628fee77443b4f16a1d55a7b9d4b8bbdf82f7d2ea4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d62efac693b8038f453c6221df61668a

    SHA1

    dd8d03c58c019616bc2eee90ffff13a48cae2564

    SHA256

    1ae07b1afcc180b475a64d369862300a82dcc2838fce4f6fdc668832e9bcab49

    SHA512

    9145b181fe139f50eb81dfc4d851b245c5aee6cba6adfd22a8d91d367c9285395aa2858a40e614e261cf193ed3d5a1d88b68fef9ea7acf6099a2d257dba3898f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5b2d324ed7898e4d037976741256a98

    SHA1

    6bd449cb9dbfffe9e03e13dae7863e6ee88f32ee

    SHA256

    755f2308e4bbb5080d92d7c5f63f9333c71af5d9192b7af7b94ddf87caa77496

    SHA512

    acd898f40743cd1b6a1ca68c8de0d2c5185c94c16e2c9ef1750d64073a2acf593cb4c4c053de0fbe0df39f617d6ce31fc92db9e1f511c39886cce96fbcf26e3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e55c9d302c8eda524b351c10355d5a35

    SHA1

    c83e6c15df4d9bd09926ca7c1a455d1714aef2b1

    SHA256

    15dfb9aa7a8762ada5f5db174c89ffa2bb9f8b5d30f7fe61048ed7d66670dfc7

    SHA512

    f2d9b497cee10904262824b91e117c165c0be3862863a10a0a6f86896de3823d10ebf496e9a847e0ca15ad8a124f10573560a11a2a44145dad66fe07d293d383

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bc85387cd19be4b0ac15d529063a9b3

    SHA1

    1e72f0f5ba1e16046b0813083f11dbf015bbd0f9

    SHA256

    8b49f75e7894285889535314447c733a8bb52ffe6ffc5b0fedcd2e8306a1a98f

    SHA512

    119319222388059c908b16b911377e40158022bd37a42123a1666943cc55784a4dcbac5673dad76012c7f5de25f963fc458626d93836105b3c421d236451361f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    755b953ce2bfc8b71019b6b52a8c8037

    SHA1

    23b5c2523c7574e6119ff50ba88e8b6e67507325

    SHA256

    ec105360540db63f910eace4d8f47b91cdab5b3c8fb64c0934c62d9f9ad7b711

    SHA512

    e7a3194784d45ba2ce9b2d372f86b810f4881646ede3a33f73e16a3f48b1e4086846c5e20d8f9f8de2191e4a0c5f6b82a5d7c3d11a5269343845690855678f06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de85f1e420666b6d4d8d8ef79e1caff3

    SHA1

    982f8704d0eab96a8dc41cfed848a62c95af457d

    SHA256

    90e1183e67a3ad0478a06fc6c272fb5fc9fac0e1d5735cbc75b9a6f82665b836

    SHA512

    190c420c7cd21ffb211821cc0cf28bc26cfe204d88a6cf405cde79c2a07315126284dfa929c5a5aebe84b509e821472ee5b79e5f740e43cc32ecc71bc9faf332

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    301e34ed3bd0533caa146922112bb1fe

    SHA1

    a9d76e62b6fd65d3ed836e9a47b7fe44507a4aeb

    SHA256

    cf43441e42999d94ea5bf2e3a9f3b57f8dc5ae02ff978d0536f07376d93fc755

    SHA512

    41c7ebdc2e2eb3faffbbe8ffe1d329996dc339434b6b131d08ad3aaef273b84e5f5295736ab4b89bd38633f7da23661224cde71dd8b221b8c74fac0625c8d169

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09d362e0a05eb93743de0d7668a37fa5

    SHA1

    3bf07aefecb0cb6cfeb32fd7a0f4c2b8e97e0c90

    SHA256

    44381dad4f078ff65113f00d854c086bfcbe9ef3c2e5460635666213eaea8ee2

    SHA512

    5173ec09e66b3e89e5e4de885b6e3a94c0a67f884dc0b1aa31d77b1c8901061ce4564f0edc8f3f26701ba58a66673b869c714dcb4450a601501c169dab76528a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28190c2330517ccf856d2d60279c2787

    SHA1

    222d8a920f6717763109cb69f8ae7dca0908ddc2

    SHA256

    cd738950607943ae2a55efdba656095759d62521e2fa97cda79fef54ffb88a4f

    SHA512

    ad12ccc9ecf12d2cbd1a7bd9b9312d9bca8d91456b84d718d42d87573e440381140d4c6f87828e9aeca1a5f3a815f52be238f265e738fa239fcb8e2cd38bd07f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
    Filesize

    242B

    MD5

    646830cc77deeb0616d9dff7fc1ad5f9

    SHA1

    18c54a7315323150f178d45b8407382f8f469de6

    SHA256

    2df320915e11c6b3dad07ae6fc62c0cbfb26aa5315cfef22d4a213b6d8960a31

    SHA512

    73652587ce5314db31eeee7980d459855e32b182d43add7ac7186ebfbcbb459a752fbd91d53239df8c3f2e387d93c84c8a23948589223e791d3cfa80622db443

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3F54.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar41DB.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DA60ENW7.txt
    Filesize

    606B

    MD5

    166a27b90640860f6e735d773dd7bb10

    SHA1

    c4afb39c45f886424200fe54bbb9c7db0babb99a

    SHA256

    6fe117f934735b3d33e4f929701d7a1651c1247973fd198a8219589ee4d8fe5a

    SHA512

    bd786fe8c59f1aca38aca63f5b17cf3ba8ae2730dca3a08a19c9f2e87a10cb05cbddf88cbab0fd2e8456fed8543698377d9a6a4727344fa65ed251845d7ea7df

    Download Submit