Overview

overview

10

Static

static

PICTURE FO...ON.exe

windows7_x64

10

PICTURE FO...ON.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    abb8146908e34fbd71e48b8923e734b496e9957cf850674659f1a591bf2000c2

  • Size

    180KB

  • Sample

    220521-n2vxyseeb7

  • MD5

    62589d01681436199a9c0cbd913d9c22

  • SHA1

    fd571dbb119fe18c5d1addbf7ebd6eef811a9516

  • SHA256

    abb8146908e34fbd71e48b8923e734b496e9957cf850674659f1a591bf2000c2

  • SHA512

    6e16d075a1f6620240676100acee8bd0429a6627622aa39198c0485abf14610c1ad2183e35d7b49962ddfd129fc0f9778f25c9bb9cf657369ece886cca1fcc6f

Score
10/10
azorultinfostealerrezer0trojan

Malware Config

Extracted

Family

azorult

C2

http://217.160.246.104/index.php

Targets

    • Target

      PICTURE FOR ILLUSTRATION.exe

    • Size

      212KB

    • MD5

      025030d30646897352afc77898f4014b

    • SHA1

      cb6edbf932827a5d92b39e74cbd1f3c7992fa1f1

    • SHA256

      229aaa16670e60669a955690e0104fdd3e0e2621974b11d6dbb9804aea38f963

    • SHA512

      58cb66cc15886a67af396342fec8a7923a78818103b967d853944c9640768cae5624dc04ee821c9f9142b2bcb9887477de202538ba06a7f8ee8ddc5771da3d1e

    Score
    10/10
    azorultinfostealerrezer0trojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • ReZer0 packer

      Detects ReZer0, a packer with multiple versions used in various campaigns.

      rezer0

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks