Overview

overview

10

Static

static

a3417a7918...e2.exe

windows7_x64

10

a3417a7918...e2.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a3417a7918c364c21d0c67aad1a4aa71afd81e93ffd8e6bf653287e83b7c3be2

  • Size

    319KB

  • Sample

    220701-dsr5labfc3

  • MD5

    2cde8ecbda047cb9ab2d6d7c3759b1ef

  • SHA1

    d705296ce385303f9a499f796b7f9c75a6787b88

  • SHA256

    a3417a7918c364c21d0c67aad1a4aa71afd81e93ffd8e6bf653287e83b7c3be2

  • SHA512

    77e1ef2ca2ccea4f8df760f4ace2197ffb6c7067aa60b0470f0b9851011795f124e4a9f56498c84e887c4dd5a353a4ba3939712871fbb1cad15049d87d4a0fb3

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://185.11.146.189/index.php

Targets

    • Target

      a3417a7918c364c21d0c67aad1a4aa71afd81e93ffd8e6bf653287e83b7c3be2

    • Size

      319KB

    • MD5

      2cde8ecbda047cb9ab2d6d7c3759b1ef

    • SHA1

      d705296ce385303f9a499f796b7f9c75a6787b88

    • SHA256

      a3417a7918c364c21d0c67aad1a4aa71afd81e93ffd8e6bf653287e83b7c3be2

    • SHA512

      77e1ef2ca2ccea4f8df760f4ace2197ffb6c7067aa60b0470f0b9851011795f124e4a9f56498c84e887c4dd5a353a4ba3939712871fbb1cad15049d87d4a0fb3

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks