Aurora49334954135[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Aurora49334954135.exe
Size

665KB
MD5

618490633eb2c7c426d135e7e995cfa2
SHA1

cb0980de07d6bbdef619202d903d401eeeb89b08
SHA256

53f98d921f6e3bd37802187034420f34db9cef8ec82fa35e6e3dfa6431412caa
SHA512

46850c9c71a8f05f8976ddce6969925de59d2f364d972e63e6e06ed7d20328157672e7bb3d7fc243b787de94a1bed3cda9f5e9364f1e964197769a257ae31343
SSDEEP

12288:WywMFBrMa/war8kZ+VQ95gccfcveXAE168JRnuZYYzsZsW/WcwSqJNWIx2iwq5N:BFBzTr8or

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Aurora49334954135.exe

Files

Aurora49334954135.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

*!~1`
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ