General
Target: 04721BFDE5ECE7D75CE90D7D09DDCC71028B26F229038.exe
Size: 231KB
Sample: 210429-ms8gtp3d4n
MD5: 0a1c0441a4b383a7c91bb3a0b2036b20
SHA1: cc32f97cdd7389e4857ca508a4b598831f6c7fd3
SHA256: 04721bfde5ece7d75ce90d7d09ddcc71028b26f2290382ffb78efcb2c436b2b6
SHA512: faa4b15dc354c966dd9447ed52cf94964b224c4b30bb9692706af119e2e6936a2e6188b7cc3743129aeb80db96ecd18573a860fe2ea6fd4bbc3c37af4e09de14
Static task: static1
Behavioral task: behavioral1
Sample: 04721BFDE5ECE7D75CE90D7D09DDCC71028B26F229038.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 04721BFDE5ECE7D75CE90D7D09DDCC71028B26F229038.exe
Resource: win10v20210410
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
Score: 10/10
- Azorult: An information stealer that was first discovered in 2016, targeting browsing history and passwords.
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL