General

  • Target: Е х e c u t 0 r [by RyosX] V2.zip
  • Size: 8.8MB
  • Sample: 240325-ztsneahd97
  • MD5: 702719b3fe8738646064cded82d957a5
  • SHA1: 9d937ad2562780e6332fa29b8f05c7f89eeb23c1
  • SHA256: 4b77b9bd29a6450bc5efeaaf54f983a08b445d3f1851fb1c3aa21efea8155617
  • SHA512: eb72a12e4376d787b6ce15f16912353699448f5a7b676e4506586031b4680e76e8a0b56872aabd5f6deba768065373c65cef1d00ebb46560f1a61d0a1ff72c02
  • SSDEEP: 196608:TMXWOQC4vY88sLRSO9PuzNPHwTTEZj0INoUcEdQa3Kz6SyiHmO:TkR6vFRtPu50wZgGovEdQGg7yqh

Score: 9/10

Malware Config

Targets

    • Target: Avrora/Avrora V3.exe
    • Size: 288.0MB
    • MD5: 251c808240a41384f65c2af56c740d21
    • SHA1: 64f542b87da5197a57e65357f651447aa1da79ba
    • SHA256: 33e181951fd9239a070d24fce986c69a8195d85bbc6a01fb0da1d59240d03a8e
    • SHA512: 3293fb758b0d2dff86bf0c00f3a4e5aa168047437870b389038d7745bd3a97cace23246abb8bfb03571a29b663b9c236545ef94655ad6c4e0fecc26edba1982b
    • SSDEEP: 49152:1gP6CR/DNTvyVUnXZ23kIdsUyTCp1RL5ned:1g1hTvyGYUIdiCdm

    Score: 7/10
    • Executes dropped EXE

    • Target: $TEMP/Kernel
    • Size: 226KB
    • MD5: d4a9f35a87b3c1f144979b81f0f6e940
    • SHA1: 6eb3973f421430d82ad6224c42b5e25f148de9f9
    • SHA256: 56ebaf19a4607fcd93adafd10eb29b96e7a27f66684b8d2f403bcc083205edd8
    • SHA512: 39cf093e00544a4a0b17af541545ea0ddbfd54c2a5547feb92ce4ec3db758a78410769d93779c21981bdf063c1882a9206f78bda7303a68d0935693da6a9b3a5
    • SSDEEP: 6144:1K5vPeDkjGgQaE/loUDtf0accB3gBmmLsiS+SAZ:uvG4waEqOfFfB3gBTQ+SAZ

    Score: 1/10

    • Target: Avrora/scripts/scripts.dll
    • Size: 18.7MB
    • MD5: 88fd7dbf04bcf75123d02009aea3f7f7
    • SHA1: cecf16bdad71e54afc941179ea2b7438a04efa1d
    • SHA256: 01481b9a862936fbc090bda4033f22d7ffa5a7bfe5dc32f47c7794332b34eec4
    • SHA512: 2c6298b5adf91b51f0042d48e0846f5b196d52a588fd4fc577bf19ec26ad8e547382279a15f8bf131b08b0d7c140534aff25f82d5e8998818b812e72c9493917
    • SSDEEP: 393216:hqA/D2IIyzg8DolBo6i0KoI6Di42sC1/syU3DXNs6hq8:hqcaZyV0fC1JOpjhq8

    Score: 1/10

MITRE ATT&CK Matrix ATT&CK v13

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • System Information Discovery (T1082): 1
  • Process Discovery (T1057): 1
  • Remote System Discovery (T1018): 1

Tasks