General

  • Target

    5efacff7fa2a0a6a58097f0a19ba34788d832647060b51aa10365a25b5f9a563.exe

  • Size

    429KB

  • Sample

    220514-q5m3macdej

  • MD5

    0fe00b1ffe110aa76f45cd7357aca54f

  • SHA1

    ff1344c701dbd52568650cc1e3a431c58a7a7ffd

  • SHA256

    5efacff7fa2a0a6a58097f0a19ba34788d832647060b51aa10365a25b5f9a563

  • SHA512

    0e89311e31418b56ef9d786f826f929d7e6366d0c6d46e3b415c9770cb143a0132ec459fc02e434f3e4071a7980c15c76de1b5b27a10711f506a7c6329279159

Malware Config

Extracted

Family

azorult

C2

http://5.161.82.171/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Suspicious use of SetThreadContext
