Overview

overview

7

Static

static

3

Aurora-set...11.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    262s
  • max time network
    228s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06-03-2024 16:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Aurora-setup-v0.7.2.11.exe

  • Size

    46.7MB

  • MD5

    baba2408838c92b99913b9071450b54d

  • SHA1

    aaab10f09871345b2084e63f23f472c15bf70581

  • SHA256

    1e16b5b96509a4d740f0d0249a99fe20e1e3871e04648eab099cdbbcdff1e46b

  • SHA512

    f68b9b5bae9da7e587062bec282ad62db0fa2d464f3419ff3ace78f2f2657edeb2123eb9dfb5c6dbe90265da4a28f64ec78eccaa73308fb3ccafce6e879ceaeb

  • SSDEEP

    786432:PqINNrYqWGFDk7QuFBgy/BfhI7jUGo4vYFIjnybfG0CnjLQuUTVW3NkWuBCrczTL:BrYqWKe5FBf/B5I7jpofG7yq04zU032/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Aurora-setup-v0.7.2.11.exe
    "C:\Users\Admin\AppData\Local\Temp\Aurora-setup-v0.7.2.11.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Users\Admin\AppData\Local\Temp\is-V5DHI.tmp\Aurora-setup-v0.7.2.11.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-V5DHI.tmp\Aurora-setup-v0.7.2.11.tmp" /SL5="$50062,48470893,404480,C:\Users\Admin\AppData\Local\Temp\Aurora-setup-v0.7.2.11.exe"
      2⤵
      • Executes dropped EXE
      PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-V5DHI.tmp\Aurora-setup-v0.7.2.11.tmp
    Filesize

    1.4MB

    MD5

    fcf1bf76c8b95dd6be59cd27d4b98cf8

    SHA1

    997755ed6777183aaa9838ca64ac6a4c8ab94fd3

    SHA256

    18401a4cf584d6f87dfeff9e40890edf3d7d85aaccf16545b50d6ba272ea42ca

    SHA512

    66d5ef527c712e2b2e405adef1c86eec8fd4d3d94fab9a133f04155f59eca8e605ce755b42db10626b5aeedba2f1568200bfb0608171876553814fd218b405f0

    Download Submit

  • memory/924-5-0x0000000000850000-0x0000000000851000-memory.dmp

    Filesize

    4KB

    Download

  • memory/924-8-0x0000000000400000-0x0000000000572000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/924-11-0x0000000000850000-0x0000000000851000-memory.dmp

    Filesize

    4KB

    Download

  • memory/924-13-0x0000000000400000-0x0000000000572000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/924-23-0x0000000000400000-0x0000000000572000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/924-31-0x0000000000400000-0x0000000000572000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/924-33-0x0000000000400000-0x0000000000572000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2744-0-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/2744-7-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download