e1108eed1eab9e6eac2d48139776a585b56ec575b1f8e41ed40099e8d6c93778.exe

General
Target

e1108eed1eab9e6eac2d48139776a585b56ec575b1f8e41ed40099e8d6c93778.exe

Size

654KB

Sample

210417-sy45l6jv5e

Score

10/10

MD5

8bb18b475567b8ca925c0579edafeef6

SHA1

2001d58afa9266b364cd6a9d4edb9493f43b43f6

SHA256

e1108eed1eab9e6eac2d48139776a585b56ec575b1f8e41ed40099e8d6c93778

SHA512

76765a1679d1b6e56d41300580167131ca73156b36e0c0ec409242a24a7ac282d16178351eabfc0ec24e0b15d9c9d9251ee3daf12e7ded7b970aec583909019b

Malware Config

Extracted

Family azorult
C2

http://www.11n.us/j2/index.php

Signatures

  • Azorult

    Description

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

  • Suspicious use of SetThreadContext

Tasks

static1

behavioral1

10/10

behavioral2

10/10