Analysis

  • max time kernel
    81s
  • max time network
    72s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23/05/2022, 01:49

General

  • Target

    e78cff004d64769a1e80583ec0d0e7fe18b4ef35ba3748e01f1771ee5daa711b.exe

  • Size

    166KB

  • MD5

    5290d231f79a2264cc34151cd322a222

  • SHA1

    93f55e75a365d9bd1a9760d34ac6098b54b397e4

  • SHA256

    e78cff004d64769a1e80583ec0d0e7fe18b4ef35ba3748e01f1771ee5daa711b

  • SHA512

    3effcc291f82fa543fc6d7ef761566716bf33ae1421e87738cbf09609e86ff5a63f62019063be9e6154c9e5bbecd2450f4cbb49404ba62a6f7aa74468cbe5d07

Malware Config

Extracted

Family

azorult

C2

http://185.92.73.185/index.php

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

Processes

  • C:\Users\Admin\AppData\Local\Temp\e78cff004d64769a1e80583ec0d0e7fe18b4ef35ba3748e01f1771ee5daa711b.exe
    "C:\Users\Admin\AppData\Local\Temp\e78cff004d64769a1e80583ec0d0e7fe18b4ef35ba3748e01f1771ee5daa711b.exe"
    1⤵
      PID:1464

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1464-54-0x00000000002C3000-0x00000000002D4000-memory.dmp

            Filesize

            68KB

          • memory/1464-55-0x0000000075381000-0x0000000075383000-memory.dmp

            Filesize

            8KB

          • memory/1464-56-0x00000000002C3000-0x00000000002D4000-memory.dmp

            Filesize

            68KB

          • memory/1464-57-0x0000000000400000-0x00000000004D9000-memory.dmp

            Filesize

            868KB