Analysis Overview
SHA256
3f8fda11518ddeef757b86d3cb3e4ec0e6b7ce697949b77e980ea1d7285fc137
Threat Level: Known bad
The file 3f8fda11518ddeef757b86d3cb3e4ec0e6b7ce697949b77e980ea1d7285fc137 was found to be: Known bad.
Malicious Activity Summary
Azorult
suricata: ET MALWARE AZORult Variant.4 Checkin M2
suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M6
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-05-20 14:35
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2022-05-20 14:35
Reported
2022-05-20 16:22
Platform
win10v2004-20220414-en
Max time kernel
1s
Max time network
382s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\bin_2020-08-18_13-38.exe
"C:\Users\Admin\AppData\Local\Temp\bin_2020-08-18_13-38.exe"
Network
| Country | Destination | Domain | Proto |
| FR | 2.16.119.157:443 | | tcp |
| NL | 104.110.191.140:80 | | tcp |
| FR | 2.16.119.157:443 | | tcp |
| NL | 104.110.191.133:80 | | tcp |
| NL | 104.110.191.133:80 | | tcp |
| NL | 104.110.191.133:80 | | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2022-05-20 14:35
Reported
2022-05-20 16:15
Platform
win7-20220414-en
Max time kernel
42s
Max time network
46s
Command Line
Signatures
Azorult
suricata: ET MALWARE AZORult Variant.4 Checkin M2
suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M6
Processes
C:\Users\Admin\AppData\Local\Temp\bin_2020-08-18_13-38.exe
"C:\Users\Admin\AppData\Local\Temp\bin_2020-08-18_13-38.exe"
Network
| Country | Destination | Domain | Proto |
| US | 45.145.185.253:80 | 45.145.185.253 | tcp |
| US | 45.145.185.253:80 | 45.145.185.253 | tcp |
Files
memory/812-54-0x0000000075FB1000-0x0000000075FB3000-memory.dmp
memory/812-55-0x0000000001BEC000-0x0000000001BFD000-memory.dmp
memory/812-56-0x0000000000220000-0x000000000023E000-memory.dmp
memory/812-57-0x0000000000400000-0x0000000001AA1000-memory.dmp