Resubmissions
29-06-2024 09:31
240629-lg563sxglj 1029-06-2024 09:28
240629-lfeyhaxfrk 1029-06-2024 09:23
240629-lcqktsxfmk 10Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
29-06-2024 09:23
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Aura.exe
Resource
win7-20240508-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Aura.exe
Resource
win10v2004-20240508-en
10 signatures
150 seconds
General
-
Target
Aura.exe
-
Size
493KB
-
MD5
7e7b8be8a1f1ef05c932ea1e8eab6590
-
SHA1
f790227a5148d6cba037c24643306f330c6fe5f4
-
SHA256
c7383b039d569cc256026d6b7985bb763f36530708bca3e4f82fa130d2d7dfbb
-
SHA512
c57fc80bf97309ca887c88526fc586b080d47c4f2ebe611d40f94f48c0af2b7c56cec19f0379a5bc27bd6a0e2f75bdb7953c05bcc1069633812bbd22649ef890
-
SSDEEP
12288:qGlz1vS9p1+kOwILHmKfZcBg688m/Iezfihoto8:qyNSgJqBg6NmAeehn
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2088 1780 WerFault.exe Aura.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Aura.exedescription pid process target process PID 1780 wrote to memory of 2088 1780 Aura.exe WerFault.exe PID 1780 wrote to memory of 2088 1780 Aura.exe WerFault.exe PID 1780 wrote to memory of 2088 1780 Aura.exe WerFault.exe PID 1780 wrote to memory of 2088 1780 Aura.exe WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1780-0-0x00000000000E0000-0x00000000000E1000-memory.dmpFilesize
4KB