General
-
Target
bbd450764a3008c69457e3b92cc99ae6ad4f2261f974ab391d4c37cefe7a27de
-
Size
152KB
-
Sample
220219-1b7v2seddp
-
MD5
a9ba4d8e1c84b3ec54db31ccf4f51b24
-
SHA1
386aea44d3de01306359d4474ebbbb0db05fb61c
-
SHA256
bbd450764a3008c69457e3b92cc99ae6ad4f2261f974ab391d4c37cefe7a27de
-
SHA512
8e17c2e32e70d2fb30d22655d1931d259fc28412a6cdf71a955d4655255e88e64279406f1f04dae8059189653e26cc1717bb30e8a756680671ad27f34ab0b2d9
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
-
-
Target
bbd450764a3008c69457e3b92cc99ae6ad4f2261f974ab391d4c37cefe7a27de
-
Size
152KB
-
MD5
a9ba4d8e1c84b3ec54db31ccf4f51b24
-
SHA1
386aea44d3de01306359d4474ebbbb0db05fb61c
-
SHA256
bbd450764a3008c69457e3b92cc99ae6ad4f2261f974ab391d4c37cefe7a27de
-
SHA512
8e17c2e32e70d2fb30d22655d1931d259fc28412a6cdf71a955d4655255e88e64279406f1f04dae8059189653e26cc1717bb30e8a756680671ad27f34ab0b2d9
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-