Overview

overview

10

Static

static

10

Aurora.exe

windows11-21h2-x64

5

Resubmissions

16-10-2024 15:25

241016-stwlqswgpd 10

16-10-2024 13:33

241016-qtxgxswbjl 10

15-10-2024 13:29

241015-qrdxss1cqp 10

15-10-2024 13:23

241015-qm17ja1arl 10

Analysis

  • max time kernel
    3s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15-10-2024 13:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Aurora.exe

  • Size

    77.6MB

  • MD5

    b13194cd15729b6eee0b35f175c2591f

  • SHA1

    ce44a71b5a27fb53ed412c0cd97eb589682231f8

  • SHA256

    fe357d72f46022e1efc8c8a88437bb4fb9fbf81830997db48d6f7a869985e606

  • SHA512

    b3903c5f4e62bd6ef6a40dd9ad91bc0b49dac224abc03eb0524f961082a5a610bce9f3a0fe28279b3626b9ed038aff36e4f359c973ebde9e75946e566ad562e3

  • SSDEEP

    1572864:hIvHcRl3WwmSk8IpG7V+VPhqYdfzE7tlhTgiYweyJulZUdg1hKrRdETV37U:evHcR5RmSkB05awcf2LVpuxhKrD4o

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 59 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\Aurora.exe
    "C:\Users\Admin\AppData\Local\Temp\Aurora.exe"
    1⤵
      PID:1120

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\VCRUNTIME140.dll
      Filesize

      75KB

      MD5

      be3683512cd259fa7ba16f8ca65823ac

      SHA1

      6f6b575575194da0bf21166cace973590b5fea5f

      SHA256

      4c34930aadae96752545f47f01661bdf8f2687ec62a597f2921cb36943ab1997

      SHA512

      c6ccfcf1470deb24152cab108f15e124dfdd98353e1163009e6bd8e07662961b6989d794e3d87982903d29cbf192fc9fcc8aa68375a2f84df146242fa60a2603

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\VCRUNTIME140.dll
      Filesize

      116KB

      MD5

      be8dbe2dc77ebe7f88f910c61aec691a

      SHA1

      a19f08bb2b1c1de5bb61daf9f2304531321e0e40

      SHA256

      4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83

      SHA512

      0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\libcrypto-3.dll
      Filesize

      152KB

      MD5

      c7b7209b59f849119e7a9b170ad7fc87

      SHA1

      44bbe09fb154103e335fb17355112dc0efda3980

      SHA256

      f6c13c58f108c93f36eed560a5c13896abcdaee65dac677a1cb9747e82d4a81a

      SHA512

      5b05fab95cca97e89ebbb858de5f674233b03466770f8135519acce4c888346e3c77a6a1dd6884c486acb40486a03c871a7bcfa7f8d3cf99702596eafd0288cd

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\libffi-8.dll
      Filesize

      29KB

      MD5

      013a0b2653aa0eb6075419217a1ed6bd

      SHA1

      1b58ff8e160b29a43397499801cf8ab0344371e7

      SHA256

      e9d8eb01bb9b02ce3859ba4527938a71b4668f98897d46f29e94b27014036523

      SHA512

      0bd13fa1d55133ee2a96387e0756f48133987bacd99d1f58bab3be7bffdf868092060c17ab792dcfbb4680f984f40d3f7cc24abdd657b756496aa8884b8f6099

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\libopus-0.x64.dll
      Filesize

      161KB

      MD5

      170486700fc40f0fbd7e80c1d826fa22

      SHA1

      c3ed55f8d110124b6615067d2bbc937954bb4e81

      SHA256

      72618736cb1be17dc501132f325bf93ec1d36d7efedc25692ba9a545da363631

      SHA512

      954be80a7c5ae04196426011562fb6b63b9ed367a90d92e52d0be20f36604f2b5587aa929f02d42697cc34610f008deb814be906c939f48c078dad49ea309c3f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\INSTALLER
      Filesize

      4B

      MD5

      365c9bfeb7d89244f2ce01c1de44cb85

      SHA1

      d7a03141d5d6b1e88b6b59ef08b6681df212c599

      SHA256

      ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

      SHA512

      d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\setuptools\_vendor\jaraco.functools-4.0.1.dist-info\LICENSE
      Filesize

      1023B

      MD5

      141643e11c48898150daa83802dbc65f

      SHA1

      0445ed0f69910eeaee036f09a39a13c6e1f37e12

      SHA256

      86da0f01aeae46348a3c3d465195dc1ceccde79f79e87769a64b8da04b2a4741

      SHA512

      ef62311602b466397baf0b23caca66114f8838f9e78e1b067787ceb709d09e0530e85a47bbcd4c5a0905b74fdb30df0cc640910c6cc2e67886e5b18794a3583f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\setuptools\_vendor\jaraco.text-3.12.1.dist-info\WHEEL
      Filesize

      92B

      MD5

      43136dde7dd276932f6197bb6d676ef4

      SHA1

      6b13c105452c519ea0b65ac1a975bd5e19c50122

      SHA256

      189eedfe4581172c1b6a02b97a8f48a14c0b5baa3239e4ca990fbd8871553714

      SHA512

      e7712ba7d36deb083ebcc3b641ad3e7d19fb071ee64ae3a35ad6a50ee882b20cd2e60ca1319199df12584fe311a6266ec74f96a3fb67e59f90c7b5909668aee1

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI11202\ucrtbase.dll
      Filesize

      115KB

      MD5

      949d94f685df73ad165015366bf700df

      SHA1

      cf8c905f3c2cbabce138d7580539362841d61056

      SHA256

      1d64b49048093ca657bf49ed79edba3236c188d952856a2dd33bf7b048d2b9c7

      SHA512

      64da174520b5cd0883002ee4e7d5f1fec955357d13668f2ba545b3d60f258b8223f0d2c63dda66140a1de9e11805c629f0875003e155b7eb5bfbe88b911524b3

      Download Submit

    • memory/3916-1532-0x00007FF926150000-0x00007FF926165000-memory.dmp

      Filesize

      84KB

      Download

    • memory/3916-1558-0x00007FF91C650000-0x00007FF91C65C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1421-0x00007FF930420000-0x00007FF93042F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/3916-1476-0x00007FF92AC60000-0x00007FF92AC79000-memory.dmp

      Filesize

      100KB

      Download

    • memory/3916-1478-0x00007FF929C70000-0x00007FF929CA3000-memory.dmp

      Filesize

      204KB

      Download

    • memory/3916-1482-0x00007FF92AD30000-0x00007FF92AD55000-memory.dmp

      Filesize

      148KB

      Download

    • memory/3916-1486-0x00007FF925EA0000-0x00007FF925FBA000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3916-1485-0x00007FF92AC80000-0x00007FF92ACAD000-memory.dmp

      Filesize

      180KB

      Download

    • memory/3916-1484-0x00007FF929C30000-0x00007FF929C57000-memory.dmp

      Filesize

      156KB

      Download

    • memory/3916-1483-0x00007FF929C60000-0x00007FF929C6B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1487-0x00007FF92C060000-0x00007FF92C074000-memory.dmp

      Filesize

      80KB

      Download

    • memory/3916-1501-0x00007FF926D00000-0x00007FF926D0C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1512-0x00007FF926B30000-0x00007FF926B46000-memory.dmp

      Filesize

      88KB

      Download

    • memory/3916-1514-0x00007FF9262A0000-0x00007FF9262B4000-memory.dmp

      Filesize

      80KB

      Download

    • memory/3916-1513-0x00007FF926B10000-0x00007FF926B22000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3916-1511-0x00007FF926B50000-0x00007FF926B5C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1516-0x00007FF926250000-0x00007FF926272000-memory.dmp

      Filesize

      136KB

      Download

    • memory/3916-1515-0x00007FF926280000-0x00007FF926297000-memory.dmp

      Filesize

      92KB

      Download

    • memory/3916-1510-0x00007FF926B60000-0x00007FF926B72000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3916-1518-0x00007FF925E80000-0x00007FF925E99000-memory.dmp

      Filesize

      100KB

      Download

    • memory/3916-1523-0x00007FF925DF0000-0x00007FF925E0E000-memory.dmp

      Filesize

      120KB

      Download

    • memory/3916-1525-0x00007FF925D90000-0x00007FF925DED000-memory.dmp

      Filesize

      372KB

      Download

    • memory/3916-1526-0x00007FF925CD0000-0x00007FF925D08000-memory.dmp

      Filesize

      224KB

      Download

    • memory/3916-1411-0x00007FF926390000-0x00007FF926A55000-memory.dmp

      Filesize

      6.8MB

      Download

    • memory/3916-1533-0x00007FF9154F0000-0x00007FF91566F000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/3916-1531-0x00007FF922320000-0x00007FF922344000-memory.dmp

      Filesize

      144KB

      Download

    • memory/3916-1535-0x00007FF922300000-0x00007FF922318000-memory.dmp

      Filesize

      96KB

      Download

    • memory/3916-1474-0x00007FF92C060000-0x00007FF92C074000-memory.dmp

      Filesize

      80KB

      Download

    • memory/3916-1563-0x00007FF91B3E0000-0x00007FF91B416000-memory.dmp

      Filesize

      216KB

      Download

    • memory/3916-1562-0x00007FF91B420000-0x00007FF91B42C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1561-0x00007FF91B540000-0x00007FF91B552000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3916-1560-0x00007FF91B560000-0x00007FF91B56D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3916-1564-0x00007FF915210000-0x00007FF9154F0000-memory.dmp

      Filesize

      2.9MB

      Download

    • memory/3916-1559-0x00007FF91B570000-0x00007FF91B57C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1557-0x00007FF922300000-0x00007FF922318000-memory.dmp

      Filesize

      96KB

      Download

    • memory/3916-1556-0x00007FF91C680000-0x00007FF91C68C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1555-0x00007FF91C690000-0x00007FF91C69E000-memory.dmp

      Filesize

      56KB

      Download

    • memory/3916-1554-0x00007FF91C660000-0x00007FF91C66B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1553-0x00007FF91C670000-0x00007FF91C67B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1552-0x00007FF91C6A0000-0x00007FF91C6AC000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1551-0x00007FF9154F0000-0x00007FF91566F000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/3916-1550-0x00007FF922320000-0x00007FF922344000-memory.dmp

      Filesize

      144KB

      Download

    • memory/3916-1549-0x00007FF91C6B0000-0x00007FF91C6BC000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1548-0x00007FF922350000-0x00007FF92237E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/3916-1547-0x00007FF920FE0000-0x00007FF920FEB000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1546-0x00007FF922380000-0x00007FF9223A9000-memory.dmp

      Filesize

      164KB

      Download

    • memory/3916-1545-0x00007FF9222A0000-0x00007FF9222AC000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1544-0x00007FF925CD0000-0x00007FF925D08000-memory.dmp

      Filesize

      224KB

      Download

    • memory/3916-1543-0x00007FF925C70000-0x00007FF925C7B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1542-0x00007FF925D90000-0x00007FF925DED000-memory.dmp

      Filesize

      372KB

      Download

    • memory/3916-1541-0x00007FF925CC0000-0x00007FF925CCC000-memory.dmp

      Filesize

      48KB

      Download

    • memory/3916-1540-0x00007FF925DF0000-0x00007FF925E0E000-memory.dmp

      Filesize

      120KB

      Download

    • memory/3916-1539-0x00007FF925D60000-0x00007FF925D6B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1538-0x00007FF925E10000-0x00007FF925E21000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3916-1537-0x00007FF926140000-0x00007FF92614B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3916-1536-0x00007FF925E30000-0x00007FF925E7D000-memory.dmp

      Filesize

      308KB

      Download