Overview

overview

10

Static

static

9

by RRyos [...s].zip

windows7-x64

1

by RRyos [...s].zip

windows10-2004-x64

1

A0RORA.rar

windows7-x64

3

A0RORA.rar

windows10-2004-x64

7

A0RORA/A0RORA V4.exe

windows7-x64

10

A0RORA/A0RORA V4.exe

windows10-2004-x64

10

$INTERNET_CACHE/Annex

windows7-x64

1

$INTERNET_CACHE/Annex

windows10-2004-x64

1

$INTERNET_...Ballot

windows7-x64

1

$INTERNET_...Ballot

windows10-2004-x64

1

$INTERNET_CACHE/Batch

windows7-x64

1

$INTERNET_CACHE/Batch

windows10-2004-x64

1

$INTERNET_...alcium

windows7-x64

1

$INTERNET_...alcium

windows10-2004-x64

1

$INTERNET_...al.ps1

windows7-x64

1

$INTERNET_...al.ps1

windows10-2004-x64

1

$INTERNET_...lation

windows7-x64

1

$INTERNET_...lation

windows10-2004-x64

1

$INTERNET_...cribed

windows7-x64

1

$INTERNET_...cribed

windows10-2004-x64

1

$INTERNET_CACHE/Eur

windows7-x64

1

$INTERNET_CACHE/Eur

windows10-2004-x64

1

$INTERNET_CACHE/Guide

windows7-x64

1

$INTERNET_CACHE/Guide

windows10-2004-x64

1

$INTERNET_CACHE/Hits

windows7-x64

1

$INTERNET_CACHE/Hits

windows10-2004-x64

1

$INTERNET_CACHE/Hoped

windows7-x64

1

$INTERNET_CACHE/Hoped

windows10-2004-x64

1

$INTERNET_...dicine

windows7-x64

1

$INTERNET_...dicine

windows10-2004-x64

1

$INTERNET_...treets

windows7-x64

1

$INTERNET_...treets

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    by RRyos [GoddyXpl0its].zip

  • Size

    8.9MB

  • MD5

    5dab6d05600aa9a4a8e65fe3a51c73c3

  • SHA1

    05908e4690b74bf771eda6d35af36c185241bc99

  • SHA256

    87dc8a31b38e584652dbbea9996dcbff96599dac087b5b48d74b02f4af9b0d86

  • SHA512

    e769a2b20d8967c4fd11b2801053e11fc4f0812a7c56053cc07dde7715dc11a5447f7fd50411f6ef153a921957f21a19cfb3f99c866d0f4ccb6d676ce5934636

  • SSDEEP

    196608:VMnUiG7Cxjdqsfs9V5bbJjpohW36O4oNeXJoji0VYFp5K8:VMng7CxjdqxVdbYm6jAe+urFpt

Score
9/10
cryptonepacker

Malware Config

Signatures

  • CryptOne packer 1 IoCs

    Detects CryptOne packer defined in NCC blogpost.

    cryptonepacker
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • by RRyos [GoddyXpl0its].zip
    .zip

    Password: wkHBwXUqgpzRQUji

  • A0RORA.rar
    .rar

    Password: wkHBwXUqgpzRQUji

  • A0RORA/A0RORA V4.exe
    .exe windows:4 windows x86 arch:x86

    Password: wkHBwXUqgpzRQUji

    56a78d55f3f7af51443e58e0ce2fb5f6


    Headers

    Imports

    Sections

  • $INTERNET_CACHE/Annex
  • $INTERNET_CACHE/Ballot
  • $INTERNET_CACHE/Batch
  • $INTERNET_CACHE/Calcium
  • $INTERNET_CACHE/Classical
    .ps1
  • $INTERNET_CACHE/Compilation
  • $INTERNET_CACHE/Described
  • $INTERNET_CACHE/Eur
  • $INTERNET_CACHE/Guide
  • $INTERNET_CACHE/Hits
  • $INTERNET_CACHE/Hoped
  • $INTERNET_CACHE/Medicine
  • $INTERNET_CACHE/Streets
  • $INTERNET_CACHE/Temple
  • $INTERNET_CACHE/Viewing
  • A0RORA/scripts/scripts.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    Password: wkHBwXUqgpzRQUji

    a9fd3e7f71a802c8eee0a502f46de991


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • README.txt