Analysis Overview
SHA256
45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d
Threat Level: Known bad
The file 45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d.exe was found to be: Known bad.
Malicious Activity Summary
Azorult family
Azorult
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-05-23 01:49
Signatures
Azorult family
Analysis: behavioral1
Detonation Overview
Submitted
2022-05-23 01:49
Reported
2022-05-23 01:57
Platform
win7-20220414-en
Max time kernel
85s
Max time network
79s
Command Line
Signatures
Azorult
Processes
C:\Users\Admin\AppData\Local\Temp\45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d.exe
"C:\Users\Admin\AppData\Local\Temp\45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d.exe"
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 178.79.155.150:80 | | tcp |
| GB | 178.79.155.150:80 | | tcp |
| GB | 178.79.155.150:80 | | tcp |
Files
memory/1908-54-0x00000000768D1000-0x00000000768D3000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-05-23 01:49
Reported
2022-05-23 01:57
Platform
win10v2004-20220414-en
Max time kernel
91s
Max time network
156s
Command Line
Signatures
Azorult
Processes
C:\Users\Admin\AppData\Local\Temp\45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d.exe
"C:\Users\Admin\AppData\Local\Temp\45c4cb9db8a4df096e2bea7edc05e5e1b5dad5fa753b7c17d260297b6ee6ff6d.exe"
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 178.79.155.150:80 | | tcp |
| NL | 88.221.144.192:80 | | tcp |
| GB | 178.79.155.150:80 | | tcp |
| FR | 2.18.109.224:443 | | tcp |
| US | 104.18.25.243:80 | | tcp |
| NL | 13.69.109.131:443 | | tcp |
| US | 204.79.197.203:80 | | tcp |
| NL | 8.248.3.254:80 | | tcp |
| NL | 8.248.3.254:80 | | tcp |
| US | 8.251.167.126:80 | | tcp |
| US | 8.8.8.8:53 | 226.101.242.52.in-addr.arpa | udp |