azorult | 032128201ba9dc85094984089a4a706c754c64921501345bc9e4540123bd78da | Triage

Submit
Reports

Overview

overview

Static

static

Proforma I...py.exe

windows7_x64

Proforma I...py.exe

windows10-2004_x64

Sharing

General

Target

032128201ba9dc85094984089a4a706c754c64921501345bc9e4540123bd78da
Size

230KB
Sample

220521-xj4xksfber
MD5

1b3cb1e337e26d39b81d63ac74aa266d
SHA1

5046fd8d5ac125b0e249411ddf1fc579f37b990b
SHA256

032128201ba9dc85094984089a4a706c754c64921501345bc9e4540123bd78da
SHA512

6cbe66fe6af83821d4f35d679bc3b5f3ab0e5f171d2945f1937db786f48103507f28a7cd38281648e7f441ca85c7b4acfba40c670bda705d4f275303da5c6360

Score

10^/10

azorult discovery infostealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

Proforma Invoice scan copy.exe

Resource

win7-20220414-en

azorult discovery infostealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Proforma Invoice scan copy.exe

Resource

win10v2004-20220414-en

azorult infostealer suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

azorult

C2

https://www.nirjhara.com/mine/32/index.php

Targets

- Target
  
  Proforma Invoice scan copy.exe
- Size
  
  391KB
- MD5
  
  2763355e57b326d3b984f0ac394f7ac6
- SHA1
  
  ceb54e6f4b044fe78e4acd5e2935831118d57baf
- SHA256
  
  dcbd6522b7ba8bfb856038cf4dcb24782cab61a9e3ce15bbf9afcdff9c6c4f4a
- SHA512
  
  6b402d5ee4ab1213ddd054f4478ff5cd81a01f75b9327fc8e3d09309cf42b811a998ae96ad0c3fe8ee8e2b9fce994f227ed3bdc74a1e7ae9658108061628e13a
Score

10^/10

azorult discovery infostealer suricata trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- suricata: ET MALWARE AZORult Variant.4 Checkin M2
  suricata: ET MALWARE AZORult Variant.4 Checkin M2
  suricata
- suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M13
  suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M13
  suricata
- suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M4
  suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M4
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealersuricatatrojan

behavioral2

azorultinfostealersuricatatrojan

© 2018-2024

Terms | Privacy