General
Target: Aurxra V6.exe
Size: 287.0MB
Sample: 240415-w8ylesff4t
MD5: feaef80a175e24dbf45cb0f3561f4891
SHA1: dd8652d5623aec0e0de66f50df8d75c3cb54e050
SHA256: 6b5c7a2136f31631e64960abe17dea5a4eccf9f40943f0f492bc397c8189d5a3
SHA512: 218c01e342aead4a1094ee57344d29ecde0fbe8216d270ba376344790e0202eaea161be52e183c5442a45b55c657cf8340b6f027288ceaf790069f111994101d
SSDEEP: 49152:Ght9sTkCObgYD//RcCHEDIpPmChB2iqUL7h5IGn:Ght9bCOblJcqIIJtMq5H
Static task: static1
Behavioral task: behavioral1
Sample: Aurxra V6.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: Aurxra V6.exe
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext