General
Target: ORDER 22_04_21.exe
Size: 315KB
Sample: 210422-bjm8qhg6dx
MD5: 0688aad4b83875999f0485a908c55e83
SHA1: 6077c4248b2c19a80cc79ad9628cc047b6f669d6
SHA256: 6683c418aed0682957fb75825bce4729c6279c1f8555f83da557f7609d79c1c2
SHA512: 496f254e732d3daa770a2a5a56803d3300567bb5595c9ecca0996dba37ff36a7836a057bff15e15592766072a945957a39d20e567fd286722c57b19702373797

Static task
static1

Behavioral task
behavioral1
Sample: ORDER 22_04_21.exe
Resource: win7v20210410

Behavioral task
behavioral2
Sample: ORDER 22_04_21.exe
Resource: win10v20210410

Malware Config
Extracted
Family: azorult
C2: http://bengalcement.com.bd/AxPu/index.php
Targets
Target: ORDER 22_04_21.exe
Size: 315KB
MD5: 0688aad4b83875999f0485a908c55e83
SHA1: 6077c4248b2c19a80cc79ad9628cc047b6f669d6
SHA256: 6683c418aed0682957fb75825bce4729c6279c1f8555f83da557f7609d79c1c2
SHA512: 496f254e732d3daa770a2a5a56803d3300567bb5595c9ecca0996dba37ff36a7836a057bff15e15592766072a945957a39d20e567fd286722c57b19702373797
Score: 10/10

Signatures
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext