General

  • Target

    AuroraV2.rar

  • Size

    8.4MB

  • MD5

    75aa1f11bcf7c9aad1afed6deb496bb2

  • SHA1

    d470bc62b8e63475f6e0d46fa322efd4c86276f2

  • SHA256

    15291343730e474c0e6e5fbad71a34565d931992af70f79ddcd7f75ae1d991e6

  • SHA512

    3fb6c2768adb2abaccc7ac345e0d7cf3e2dd5346103ca52bb94c578a78a8e27310843e008d3034e64cc64b03fce1dba052c66a3f1eac1b096686b0a70eb991af

  • SSDEEP

    196608:nUjapQpEqjXdmfyaOxZgHAlhdFvqyfkErWJ8:UjaoEqzdmfkvRdFCyc/2

Score
9/10

Signatures

  • CryptOne packer (1 IoC)

    Detects CryptOne packer defined in NCC blogpost.

Files

  • AuroraV2.rar
    .rar

    Password: rFSfkDLTcfUOOLsm

  • AuroraV2/Aurora X.exe
    .exe windows:6 windows x86 arch:x86

    Password: rFSfkDLTcfUOOLsm

    9ab9a81e69cf807eb00009b3ff30d4ca



  • AuroraV2/scripts/scripts.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    Password: rFSfkDLTcfUOOLsm

    a9fd3e7f71a802c8eee0a502f46de991

