Overview

overview

10

Static

static

9

by Ryosx [...s].zip

windows7-x64

1

by Ryosx [...s].zip

windows10-2004-x64

1

AUR0RA V3.rar

windows7-x64

3

AUR0RA V3.rar

windows10-2004-x64

7

AUR0RA V3/...V3.exe

windows7-x64

10

AUR0RA V3/...V3.exe

windows10-2004-x64

10

$INTERNET_CACHE/Alot

windows7-x64

1

$INTERNET_CACHE/Alot

windows10-2004-x64

1

$INTERNET_...earing

windows7-x64

1

$INTERNET_...earing

windows10-2004-x64

1

$INTERNET_...otions

windows7-x64

1

$INTERNET_...otions

windows10-2004-x64

$INTERNET_...rotica

windows7-x64

1

$INTERNET_...rotica

windows10-2004-x64

1

$INTERNET_CACHE/Fcc

windows7-x64

1

$INTERNET_CACHE/Fcc

windows10-2004-x64

1

$INTERNET_...ighter

windows7-x64

1

$INTERNET_...ighter

windows10-2004-x64

1

$INTERNET_...er.ps1

windows7-x64

1

$INTERNET_...er.ps1

windows10-2004-x64

1

$INTERNET_CACHE/Genre

windows7-x64

1

$INTERNET_CACHE/Genre

windows10-2004-x64

1

$INTERNET_...rrison

windows7-x64

1

$INTERNET_...rrison

windows10-2004-x64

1

$INTERNET_CACHE/Idea

windows7-x64

1

$INTERNET_CACHE/Idea

windows10-2004-x64

1

$INTERNET_...roduce

windows7-x64

1

$INTERNET_...roduce

windows10-2004-x64

1

$INTERNET_CACHE/Ld

windows7-x64

1

$INTERNET_CACHE/Ld

windows10-2004-x64

1

$INTERNET_...ipants

windows7-x64

1

$INTERNET_...ipants

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06-04-2024 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AUR0RA V3.rar

  • Size

    9.0MB

  • MD5

    0df42dd74a3e614a12173fd71aaf98fe

  • SHA1

    52e949b521a2ff7671b663ec5b8ab197e5dd7ffd

  • SHA256

    656eb84822afbd053bf199f8362fd15b7fef64f18c83ff74f6fb547dbc6ad813

  • SHA512

    3347ef6ec4389671d8c3929e9ec9d730c5941528866e8e6011927d2ef288be179f320f7d61c8f8fa68f6888c385bfac72b850d7c0819bdaee8d744d901a5839b

  • SSDEEP

    196608:ZqqB7bIs+K5/wcoKsZpyCa4sbJNtoKpwI0qWgQUoobIxYovpHa:ZqC+KChLyp4uNmRI0qkwtmHa

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\AUR0RA V3.rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files\7-Zip\7zFM.exe
      "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\AUR0RA V3.rar"
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      PID:2184

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads