azorult | a9c9824497908a525a168c43d743fea3d1f5dc4c3004e8fe51b77a28ac018829 | Triage

Sharing

General

Target

A9C9824497908A525A168C43D743FEA3D1F5DC4C3004E.exe
Size

1.2MB
Sample

210423-1f5abrfhtj
MD5

db11017a353658fcc955f9135686b16e
SHA1

a1d450a61681d4f2e882f84b5d505b5d47839e5d
SHA256

a9c9824497908a525a168c43d743fea3d1f5dc4c3004e8fe51b77a28ac018829
SHA512

3b2d5153e4baf25488374ff028bd6cad8fcc9ac1057252b3ef47a1938a7798c7d60efab8fc5083f26c79def5a1455e8c88d1cdfdda0e15fd668fcb991b7e2d59

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://cryptofaze.com/index.php

Targets

- Target
  
  A9C9824497908A525A168C43D743FEA3D1F5DC4C3004E.exe
- Size
  
  1.2MB
- MD5
  
  db11017a353658fcc955f9135686b16e
- SHA1
  
  a1d450a61681d4f2e882f84b5d505b5d47839e5d
- SHA256
  
  a9c9824497908a525a168c43d743fea3d1f5dc4c3004e8fe51b77a28ac018829
- SHA512
  
  3b2d5153e4baf25488374ff028bd6cad8fcc9ac1057252b3ef47a1938a7798c7d60efab8fc5083f26c79def5a1455e8c88d1cdfdda0e15fd668fcb991b7e2d59
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan