General
Target: 56a7ba5c7f4590079508c1b90bfd200d00838daee3fbcd5602d7299fa0cbc4e3.exe
Size: 1.4MB
Sample: 220521-yh3hssdba7
MD5: ce63c7d7e1c6061821b2d9f8aa367b85
SHA1: b033a872e912af46b61768c2e69c5884ae658425
SHA256: 56a7ba5c7f4590079508c1b90bfd200d00838daee3fbcd5602d7299fa0cbc4e3
SHA512: 1536ca01379edc70cfea6775768202ea6e7b7acd879527a6e3bd38f409a4994d01e8c22d9421ccc0bb67326de271eca1ca60f3ba27210560321664a8ed074cac
Static task: static1
Behavioral task: behavioral1
  Sample: 56a7ba5c7f4590079508c1b90bfd200d00838daee3fbcd5602d7299fa0cbc4e3.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 56a7ba5c7f4590079508c1b90bfd200d00838daee3fbcd5602d7299fa0cbc4e3.exe
  Resource: win10v2004-20220414-en
Malware Config
Extracted
azorult
http://bl1we4t.xyz/index.php
Targets
Target: 56a7ba5c7f4590079508c1b90bfd200d00838daee3fbcd5602d7299fa0cbc4e3.exe
Score: 10/10
Azorult: An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Adds Run key to start application
Suspicious use of SetThreadContext