Extracted

Extracted

• • Target

    b699a2766f106ff77377780bad431b72ef1748bf989e09f2b82fb73cf30cbde3.exe

  • Size

    242KB

  • MD5

    62231fa0b731bd0aac1c55bd8ed15898

  • SHA1

    d3dd155f601bb80e417b9b0a6cf294215107af46

  • SHA256

    b699a2766f106ff77377780bad431b72ef1748bf989e09f2b82fb73cf30cbde3

  • SHA512

    6539e010a88784c5c6c605038b2edb38c06d060543140e08c405025fd4c825f281e78993309a82dabb26148d5ad5eaf5eb0ea87f9fe95a520cd59d9c508c683c

  Score

  10^/10

  azorultoskidiscoveryinfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2