azorult | ac36c5174ef7ba76a704baeaa713ad6630fc79db52bb904a5b41e15316e7d353 | Triage

Analysis

max time kernel
61s
max time network
87s
platform
windows7_x64
resource
win7-20220414-en
submitted
14-05-2022 13:50

Sharing

Report Analysis Logs

General

Target

ac36c5174ef7ba76a704baeaa713ad6630fc79db52bb904a5b41e15316e7d353.exe
Size

308KB
MD5

669997d4919a13cb6f23185d90bd5aa7
SHA1

9956119d94f6342024f8148716add56a00acc5a9
SHA256

ac36c5174ef7ba76a704baeaa713ad6630fc79db52bb904a5b41e15316e7d353
SHA512

a25316bc569ea479686619d1885b45d5c4d9143a3de0909c03dac748efbee3ed390cd8e59f902215122e5147c82d1186d4fa44571eda9012715bc7d2eff0043e

Score

10^/10

azorult infostealer suricata trojan

Malware Config

Extracted

Family

azorult

C2

http://2.56.59.31/purelogs/index.php

Signatures

Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
trojan infostealer azorult
suricata: ET MALWARE Win32/AZORult V3.3 Client Checkin M6
suricata: ET MALWARE Win32/AZORult V3.3 Client Checkin M6
suricata

C:\Users\Admin\AppData\Local\Temp\ac36c5174ef7ba76a704baeaa713ad6630fc79db52bb904a5b41e15316e7d353.exe
"C:\Users\Admin\AppData\Local\Temp\ac36c5174ef7ba76a704baeaa713ad6630fc79db52bb904a5b41e15316e7d353.exe"
1⤵
PID:1788

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1788-54-0x0000000075721000-0x0000000075723000-memory.dmp

Filesize
8KB

Download
memory/1788-55-0x000000000065B000-0x000000000066D000-memory.dmp

Filesize
72KB

Download
memory/1788-56-0x0000000000230000-0x000000000024D000-memory.dmp

Filesize
116KB

Download
memory/1788-57-0x0000000000400000-0x00000000004DA000-memory.dmp

Filesize
872KB

Download