General
Target
a1a96ef6b68b1d7ffad71f88ba85f414f7455cbd7abce1a4aa6b52613b109da4
Size
1.2MB
Sample
220521-a91xaaeehm
MD5
53d3bfd42d255c505f734f236b12d652
SHA1
bc943fe288d224253e85a7cea61ef500f9fef4bf
SHA256
a1a96ef6b68b1d7ffad71f88ba85f414f7455cbd7abce1a4aa6b52613b109da4
SHA512
e54ad5ebd40004d1a2d0f88cf779df9623174da4562c32d40e1762674481b350730008a9a6b533813b50afd807c6d39647e8be86ca0f5d5ce5258a76da7e5e9f
Static task
static1
Behavioral task
behavioral1
Sample
PO_TSP_7.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
PO_TSP_7.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
azorult
http://authsw.ir/jsam/deyur/index.php
Targets
Target
PO_TSP_7.EXE
Size
277KB
MD5
5a5a176f9c645104bf3e27572d2148e7
SHA1
ea8462e5eedeca91f5a5d20d9a255c451578142d
SHA256
b5d8ecbbad8f720d76400be6e85391ad4930bc9d77870579a1f36d77960648db
SHA512
7d952945839083a15c86f5a15d81231f47c2e987949b7368f458a11ac9fa330eebf452a11459c688bde5d4d0620dde0fca9d05d7c615d25fb16b9b8417af16b4
Score
10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Adds Run key to start application
Suspicious use of SetThreadContext