Overview

overview

10

Static

static

6bf4ce3816...3d.exe

windows7_x64

10

6bf4ce3816...3d.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bf4ce3816de412d0cdfc51e6a227a87e0427cba267f76fe846f200eb407883d

  • Size

    1.4MB

  • Sample

    210508-gc8fgvc4fs

  • MD5

    06fb398386bae0bbfbfa2d67ad13b016

  • SHA1

    45ad3b114e1ec168eee2a65f98bb302767bccc2f

  • SHA256

    6bf4ce3816de412d0cdfc51e6a227a87e0427cba267f76fe846f200eb407883d

  • SHA512

    6253e13f16b6f99cbac29d03f01cfabc8978d51bb08ba0cdabea948b6761f9cff5c7543e8a0a0db626b1ccd682d637ccfdf116b6e63f66660842fdbdabefd0f5

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://49.12.98.122/index.php

Targets

    • Target

      6bf4ce3816de412d0cdfc51e6a227a87e0427cba267f76fe846f200eb407883d

    • Size

      1.4MB

    • MD5

      06fb398386bae0bbfbfa2d67ad13b016

    • SHA1

      45ad3b114e1ec168eee2a65f98bb302767bccc2f

    • SHA256

      6bf4ce3816de412d0cdfc51e6a227a87e0427cba267f76fe846f200eb407883d

    • SHA512

      6253e13f16b6f99cbac29d03f01cfabc8978d51bb08ba0cdabea948b6761f9cff5c7543e8a0a0db626b1ccd682d637ccfdf116b6e63f66660842fdbdabefd0f5

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks