azorult | 270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5 | Triage

Submit
Reports

Overview

overview

Static

static

270ccfd9fa...a5.exe

windows7_x64

270ccfd9fa...a5.exe

windows10-2004_x64

Sharing

General

Target

270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5
Size

552KB
Sample

220616-gxshpsefcn
MD5

88cab3e01e7d2274dd56a8d4b605cafb
SHA1

d78df20a64aecb448521975d88360e5c9392cf2c
SHA256

270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5
SHA512

01ad52674350a68c461f284912a654514ca28fbf77cf1d99711e0df38e571fbca3d186f7ae0cfcf62fca135a09af6ecec481df014702605d07a8a542e39578d0

Score

10^/10

azorult infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5.exe

Resource

win7-20220414-en

azorult infostealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5.exe

Resource

win10v2004-20220414-en

azorult infostealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

azorult

C2

http://cupononline.pk/index.php

Targets

- Target
  
  270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5
- Size
  
  552KB
- MD5
  
  88cab3e01e7d2274dd56a8d4b605cafb
- SHA1
  
  d78df20a64aecb448521975d88360e5c9392cf2c
- SHA256
  
  270ccfd9fa5927e0dd36355f13d51ea5af5fe643c3cf22f374ca60ce6a73b7a5
- SHA512
  
  01ad52674350a68c461f284912a654514ca28fbf77cf1d99711e0df38e571fbca3d186f7ae0cfcf62fca135a09af6ecec481df014702605d07a8a542e39578d0
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan

© 2018-2024

Terms | Privacy