Extracted

Extracted

• • Target

    34a27a9beb4f68668a75967b9ea609dd2a958b29c66b70e0bd8e69bc5456fedb.exe

  • Size

    667KB

  • MD5

    a7bb277ebea155081e10479495249ad7

  • SHA1

    47b8964f0904bd37997d8d8580fcf08fc76b98d1

  • SHA256

    34a27a9beb4f68668a75967b9ea609dd2a958b29c66b70e0bd8e69bc5456fedb

  • SHA512

    c53f9f3e654b963cf61c2112f4470809c582994235eb16ffd4f2edf7b68f16b3ee65622b0dfae2aed8e4f0859b320d48ac5e7a5268b0f3b51dc97197e8b96701

  Score

  10^/10

  azorultoskidiscoveryinfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2