General

  • Target

    Avvrora X.rar

  • Size

    9.1MB

  • MD5

    255a3d4d3d51c2c5cd0b653372275089

  • SHA1

    fae15aff276195f9ae4d5fae9b7e2db8224c786a

  • SHA256

    ec8c065921cdc147f8f808f03ac0f40b56b84bbf980b5391b2c6b986c4b346f3

  • SHA512

    a0bba97df0b67c55478182055ed458f70e0b4196873982244e7e427a3670ebb5cf1489b32d4aa739d749c2128cb9da057f564d7cfc82a8ddfc74e75bab8931fc

  • SSDEEP

    196608:cHxHqzwYd9c4QY47xZJONWhKkFD+1a15hTfdcJGB9arSuLt:cQzu3Y474NWh5Ea1Tco9+SuLt

Score
9/10

Malware Config

Signatures

  • CryptOne packer 1 IoCs

    Detects CryptOne packer defined in NCC blogpost.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Avvrora X.rar
    .rar

    Password: 1515

  • Avvrora X/Avrora X.exe
    .exe windows:6 windows x64 arch:x64

    Password: 1515

    5929190c8765f5bc37b052ab5c6c53e7



  • Avvrora X/scripts/scripts.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    Password: 1515

    a9fd3e7f71a802c8eee0a502f46de991


    Code Sign
