Overview

overview

10

Static

static

b828ff4ce3...58.exe

windows7_x64

10

b828ff4ce3...58.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b828ff4ce329b128041c89f4963379530029c653fae6474d27deccc3b8b2a158.exe

  • Size

    385KB

  • Sample

    220521-yh1dfagccq

  • MD5

    916b927e3d85fde5bfc66f0138a19686

  • SHA1

    064f1c37af5312a90174270db90922d04fe88753

  • SHA256

    b828ff4ce329b128041c89f4963379530029c653fae6474d27deccc3b8b2a158

  • SHA512

    d11d3cb7a956f10d77e8a41b85be7e3e3254ba9f60ff6c3dd5dac3293989dcbd3d54b3a8aceca00447d9cf0e04c0e6424b4198b25c2b22e231f9dd60d454f61b

Score
10/10
azorultinfostealersuricatatrojan

Malware Config

Extracted

Family

azorult

C2

http://aziri.xyz/index.php

Targets

    • Target

      b828ff4ce329b128041c89f4963379530029c653fae6474d27deccc3b8b2a158.exe

    • Size

      385KB

    • MD5

      916b927e3d85fde5bfc66f0138a19686

    • SHA1

      064f1c37af5312a90174270db90922d04fe88753

    • SHA256

      b828ff4ce329b128041c89f4963379530029c653fae6474d27deccc3b8b2a158

    • SHA512

      d11d3cb7a956f10d77e8a41b85be7e3e3254ba9f60ff6c3dd5dac3293989dcbd3d54b3a8aceca00447d9cf0e04c0e6424b4198b25c2b22e231f9dd60d454f61b

    Score
    10/10
    azorultinfostealertrojansuricata

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M14

      suricata: ET MALWARE Win32/AZORult V3.2 Client Checkin M14

      suricata

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks