Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    19-04-2021 22:06

General

  • Target

    3329FA46D80491C01A934E85BF256D2F.exe

  • Size

    112KB

  • MD5

    3329fa46d80491c01a934e85bf256d2f

  • SHA1

    ff65c942976a5d73544f88f6e767281adc2633c0

  • SHA256

    6d516f7d8af7bd535416236e60299dbcaad38f490716de3eae65c641f08b941b

  • SHA512

    e097a5b0d72eabac9ce564e5a902d8d3105e51b6385d4f5392ec30341ad98e6c224d88bfaadd819ac84db52d1a4537ef26e23d80e1d4e14a51fb9ce3a7ee7450

Malware Config

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

  • Modifies system certificate store (2 TTPs, 2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3329FA46D80491C01A934E85BF256D2F.exe
    "C:\Users\Admin\AppData\Local\Temp\3329FA46D80491C01A934E85BF256D2F.exe"
    • Modifies system certificate store
    PID:3176

Network

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate (T1130): 1
  • Modify Registry (T1112): 1
