azorult | 8cea0456940c4b136a8e58a4bb8b13c1353f87bccdcb7ee79c85676cfaa8dc85 | Triage

Sharing

General

Target

8cea0456940c4b136a8e58a4bb8b13c1353f87bccdcb7ee79c85676cfaa8dc85
Size

938KB
Sample

210515-4lez221caj
MD5

69dcecb063d3078bc07d706c00798fd9
SHA1

64b435fd7887973ab610556dc3f4871d26ff1755
SHA256

8cea0456940c4b136a8e58a4bb8b13c1353f87bccdcb7ee79c85676cfaa8dc85
SHA512

1aeaf31638e1b126cb24ebadd85c9182daf6ee83c7d5fe186592b3c227d628521cfa75846c673f1eae62f2f077713cfcdfdb3da755a9001d81131413051b1e87

Score

10^/10

azorult infostealer persistence trojan

Malware Config

Targets

- Target
  
  8cea0456940c4b136a8e58a4bb8b13c1353f87bccdcb7ee79c85676cfaa8dc85
- Size
  
  938KB
- MD5
  
  69dcecb063d3078bc07d706c00798fd9
- SHA1
  
  64b435fd7887973ab610556dc3f4871d26ff1755
- SHA256
  
  8cea0456940c4b136a8e58a4bb8b13c1353f87bccdcb7ee79c85676cfaa8dc85
- SHA512
  
  1aeaf31638e1b126cb24ebadd85c9182daf6ee83c7d5fe186592b3c227d628521cfa75846c673f1eae62f2f077713cfcdfdb3da755a9001d81131413051b1e87
Score

10^/10

azorult infostealer persistence trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealerpersistencetrojan

behavioral2

azorultinfostealerpersistencetrojan