Overview

overview

10

Static

static

10

c0741e2548...12.exe

windows7_x64

10

c0741e2548...12.exe

windows10_x64

10

Analysis

  • max time kernel
    35s
  • max time network
    111s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    04-05-2021 18:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0741e25484d3ed9ab786a852564500602186b59638397ffbe37eab9182a7512.exe

  • Size

    112KB

  • MD5

    fdef96d4d036ae3dd5a1d87b6d04481d

  • SHA1

    cc8dc1dc65acacc01f262490b9f1952d07cf3124

  • SHA256

    c0741e25484d3ed9ab786a852564500602186b59638397ffbe37eab9182a7512

  • SHA512

    b242485aa77f736ba4ab789091f70d39ead8ab1326596e7233e8be2f1cd76a23ddf1d5f8ca91b069e339206e2dd65c846e4e9f52899aef72307d410634997165

Score
10/10
azorultinfostealertrojan

Malware Config

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult
  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c0741e25484d3ed9ab786a852564500602186b59638397ffbe37eab9182a7512.exe
    "C:\Users\Admin\AppData\Local\Temp\c0741e25484d3ed9ab786a852564500602186b59638397ffbe37eab9182a7512.exe"
    1⤵
      PID:3944
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3944 -s 1236
        2⤵
        • Program crash
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2676

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads