azorult | 9aee92df3530cb75fb37ffe332199dc0a61718a010d34fc48dbbe16fdd1b3154 | Triage

Submit
Reports

Overview

overview

Static

static

1

GRS66701.exe

windows7_x64

GRS66701.exe

windows10_x64

Sharing

General

Target

GRS66701.exe
Size

151KB
Sample

210407-5zwj738266
MD5

390ac19e8d4b6eba1a936a5052b6babf
SHA1

1700afbdafcf20ee9deeee4165f6758403e7f43a
SHA256

9aee92df3530cb75fb37ffe332199dc0a61718a010d34fc48dbbe16fdd1b3154
SHA512

b876561ce26fafe4b7a4423c8a992bac48625eb68a540608a499d0b3920841666d01dd83f85f669fafd960ef1e10c7395578107174a33a799d4e542f3faf05a7

Score

10^/10

azorult infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

GRS66701.exe

Resource

win7v20201028

azorult infostealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

GRS66701.exe

Resource

win10v20201028

azorult infostealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

azorult

C2

http://staging.onyxa.pl/XyuTr/index.php

Targets

- Target
  
  GRS66701.exe
- Size
  
  151KB
- MD5
  
  390ac19e8d4b6eba1a936a5052b6babf
- SHA1
  
  1700afbdafcf20ee9deeee4165f6758403e7f43a
- SHA256
  
  9aee92df3530cb75fb37ffe332199dc0a61718a010d34fc48dbbe16fdd1b3154
- SHA512
  
  b876561ce26fafe4b7a4423c8a992bac48625eb68a540608a499d0b3920841666d01dd83f85f669fafd960ef1e10c7395578107174a33a799d4e542f3faf05a7
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan

© 2018-2024

Terms | Privacy