General
Target: Worksheet.exe
Size: 786KB
Sample: 210422-hv5h9kzhgj
MD5: 5facfb9ed998b8f292da114f84cabb06
SHA1: 98b47094b6be743971163327715cf052142ab7f7
SHA256: b3b81c1169d7c9595f001b4b97fd871b78f3dbd7c1062df1587518219dafb7bd
SHA512: a8c7c5004dce32e2d023954ebe04937a1860c9133a26d7186a0c22828d6747cb03e86ea4098c71c762c1572be54ca7e3d1d9357dafd636bb3b39ffcc0acb7163
Static task: static1
Behavioral task: behavioral1
Sample: Worksheet.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: Worksheet.exe
Resource: win10v20210408
Malware Config
Extracted
azorult
http://31.210.20.121/index.php
Targets
Target
Worksheet.exe
Score 10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Suspicious use of SetThreadContext