azorult | 604fb57abf533252434d0b229de17d87f73e21a349f512cd2517f309f7a6fda7 | Triage

Sharing

General

Target

New Order.zip
Size

633KB
Sample

210422-xfkyfj67hx
MD5

6bbcd52ea93f5448cecb758b4e819983
SHA1

7c8b37c04676be11f23b3bd496a78266a11e4b99
SHA256

604fb57abf533252434d0b229de17d87f73e21a349f512cd2517f309f7a6fda7
SHA512

9f813cf9dd0356b6ddc1e770dc7195f382b4f1ce46b5d325f4c812c50f3bb6ff6ba1cc7676a7e4052fda1f9e33cbea4bbc8ba8cf3d738d3cf2a8cdb1b37444d7

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://149.248.35.254/index.php

Targets

- Target
  
  New Order.exe
- Size
  
  785KB
- MD5
  
  23df9b65361d18bcbab8d29f6a0b99c8
- SHA1
  
  f895389d4f366f7fcdced202ea7357195d8a8373
- SHA256
  
  fe740b0963f4003fcffab9a6455b66c78b1844c5b48fe0e61a68804484620f65
- SHA512
  
  09057fb93f8d1faa032b3414e1c34b804047eec36443d24242f568c96261f85629f487ab4373c6540e8f34d1d583182867bc3e9f0bb030c1faa4d508f27b8d44
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan