azorult | fe69416ea50c8316791d7de7da893f9189c3d5f34cb9c64026206d19325ef5c5 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Inject4.11083.19609.1028
Size

587KB
Sample

210430-btptvwkmps
MD5

eb6c0ff23c01dd3528789c8142890547
SHA1

7cfed1e8bed52f4f376e5702dc303b6235b8a19d
SHA256

fe69416ea50c8316791d7de7da893f9189c3d5f34cb9c64026206d19325ef5c5
SHA512

0e3bf1fbbe15a26d6648a1eca4f2d66544a9d4293956aaaac8d258141d74ce11d4849b610285342219d315836dbe9e71aec9a1896020bb5def645ccdf994d94b

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

- Target
  
  SecuriteInfo.com.Trojan.Inject4.11083.19609.1028
- Size
  
  587KB
- MD5
  
  eb6c0ff23c01dd3528789c8142890547
- SHA1
  
  7cfed1e8bed52f4f376e5702dc303b6235b8a19d
- SHA256
  
  fe69416ea50c8316791d7de7da893f9189c3d5f34cb9c64026206d19325ef5c5
- SHA512
  
  0e3bf1fbbe15a26d6648a1eca4f2d66544a9d4293956aaaac8d258141d74ce11d4849b610285342219d315836dbe9e71aec9a1896020bb5def645ccdf994d94b
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan