General

  • Target

    7b6ea3225a5e928a7b751832928eec72d8cdb507df47f7ca16d0160ceac99536.exe

  • Size

    687KB

  • Sample

    201027-fkq2xnq3e2

  • MD5

    82b7a69d01a564ae5331b87dcd7f46f6

  • SHA1

    1651767ea77542080d22d5df7ddad01f612dbcbb

  • SHA256

    7b6ea3225a5e928a7b751832928eec72d8cdb507df47f7ca16d0160ceac99536

  • SHA512

    66ed36f0eeb67a010031d43569f78d8e406ef387cab22f2abba64b4898d7d612d8192ec328dccc77cddce8aa15dcae4850ce31ebd24a69b57ca4ca762642e4e4

Malware Config

Extracted

  • Family

    azorult

  • C2

    http://45.137.22.58/udu/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • JavaScript code in executable

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks