General
Target
AvroraX.rar
Size
9.3MB
Sample
240211-tz73dsbg37
MD5
f79fcf30c93284d88903e597c17f1e57
SHA1
d852b33ffe9ead6d4f71fd20194c67e33004c706
SHA256
1dcdeee44784f7d34e81933673d9d64e87e0345b36c14f30a0551984ee60a86a
SHA512
8e8d13a69002d9bd55b55b078cab541f1329c028d277bd75f7638383cceb5bc282bd6b61f4f720cb54ac3ad73089f1c41bbb94610456a9280ce49e8e58c828e3
SSDEEP
196608:3RMlEjCDJekzNdnlwb8QTeyc/nMet8XjtLmoxZ98sQCE3RMpk:3RMlEjCDD3XN/Met8XjtmoXxQdGk
Behavioral task
behavioral1
Sample
Aurora X/Aurora X Executor.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Aurora X/Aurora X Executor.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
Aurora X/scripts/scripts.dll
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
Aurora X/scripts/scripts.dll
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
Aurora X/Aurora X Executor.exe
Size
250.0MB
MD5
92564c95c7e74fdeebb377d27e9d290e
SHA1
769316c8b4ccd231e2f5d69833dc091767eece5c
SHA256
d7e49f8cff2989f09d7715b32eb9572cca1dc82a8438111a3c4d1dcb67cbc970
SHA512
ab09a5788170fbcbaa0c018564f05a39133b928f3204327961306c3a6e8d940898d56efc4b7970422f26ae6ac626d5dad57c39c7cd57789597bbb28d4bc4280b
SSDEEP
49152:r1IlxGGWIBgYxXjC036Nh/J/JV9ZXOUwiNUJmejgYSicTWL:G3PdBD8PV9nwi6
Score
5/10
Suspicious use of SetThreadContext
Target
Aurora X/scripts/scripts.dll
Size
18.7MB
MD5
88fd7dbf04bcf75123d02009aea3f7f7
SHA1
cecf16bdad71e54afc941179ea2b7438a04efa1d
SHA256
01481b9a862936fbc090bda4033f22d7ffa5a7bfe5dc32f47c7794332b34eec4
SHA512
2c6298b5adf91b51f0042d48e0846f5b196d52a588fd4fc577bf19ec26ad8e547382279a15f8bf131b08b0d7c140534aff25f82d5e8998818b812e72c9493917
SSDEEP
393216:hqA/D2IIyzg8DolBo6i0KoI6Di42sC1/syU3DXNs6hq8:hqcaZyV0fC1JOpjhq8
Score
1/10