General
-
Target
setup.exe
-
Size
330KB
-
Sample
210118-ewvqsvqv5n
-
MD5
4fb12915ec3df629bd6debb020c9335a
-
SHA1
74f392b9d1292f9b8f785aab1195da3af4b3ce05
-
SHA256
acc926769da08ae780c7b3a04742b447f3b0a0a0b40806665419c9826cc2de6b
-
SHA512
d2b7106f1ec8fb5575056c61846921ce8fe963cb652c7f451c95f5798b96463b5a88fb2d9591d32e0a54fedf0ddd85acd4d41a7110df3d70970674dbee900981
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v20201028
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
-
-
Target
setup.exe
-
Size
330KB
-
MD5
4fb12915ec3df629bd6debb020c9335a
-
SHA1
74f392b9d1292f9b8f785aab1195da3af4b3ce05
-
SHA256
acc926769da08ae780c7b3a04742b447f3b0a0a0b40806665419c9826cc2de6b
-
SHA512
d2b7106f1ec8fb5575056c61846921ce8fe963cb652c7f451c95f5798b96463b5a88fb2d9591d32e0a54fedf0ddd85acd4d41a7110df3d70970674dbee900981
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Suspicious use of SetThreadContext
-