General
Target
dbf57bf7baf731e6ab815367c3f0c0735861500917d41b4f6f1ac04e9ad4ea43
Size
232KB
Sample
220520-hx9bwsabdq
MD5
c4f720612a7e895dcf4426ebc8be6cd5
SHA1
6ffd2b6365ca8b1a93607d6a10c1734049071343
SHA256
dbf57bf7baf731e6ab815367c3f0c0735861500917d41b4f6f1ac04e9ad4ea43
SHA512
b4a5b9e1eb91fef910a82e62c619fc75019d5f35c498587cc18e794b2371ba2949c40dd851b87367fbd91f842850165da3ae411de796652d77e2249f8cd9ee2b
Static task
static1
Behavioral task
behavioral1
Sample
Voice_WAV.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Voice_WAV.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
azorult
http://103.125.191.102/ssm/index.php
Targets
Target
Voice_WAV.exe
Size
597KB
MD5
701132d3579a9ad10a166bc9642dd3fc
SHA1
2f8e0017bd626ee6a14e12768265aad7aa9e9051
SHA256
9aa293eaf7a59ecd7359c5ad700d50cef8fee1bd9f4d92831abda3f74226e31c
SHA512
3c4ba95363398b3eac415f33eaea14abf3c54b71862cbc39d7ff5141a0464a46630a161d217215f6669ef469435ff46236bcca61584109fd4cfe7d0a78e1db1a
Score
10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Drops startup file
Suspicious use of SetThreadContext