General

Target: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab
Size: 672KB
Sample: 220701-ex4jvsdef9
MD5: d41b33caefb8ca5c050ce49a96a3ea48
SHA1: 8df543692937630bbb26481ed22ce5f384663295
SHA256: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab
SHA512: 94fd95c1a6e2d4ffb09d141666d00ab00434434ed1885036fed98b7c25f553e91d2448580bbc2b33ae2e9cb6b5420c3358ec68bd848514da10e2054cc1cc645e
Static task: static1

Behavioral task: behavioral1
Sample: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab.msi
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab.msi
Resource: win10v2004-20220414-en
Malware Config

Extracted: azorult
URL: http://aglfreight.com.my/inc/js/jstree/biu/index.php
Targets

Target: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab
Size: 672KB
MD5: d41b33caefb8ca5c050ce49a96a3ea48
SHA1: 8df543692937630bbb26481ed22ce5f384663295
SHA256: d4a20038f6fa3073ed4b293f8bfd65372f77460f91fa5af61938911cb635b3ab
SHA512: 94fd95c1a6e2d4ffb09d141666d00ab00434434ed1885036fed98b7c25f553e91d2448580bbc2b33ae2e9cb6b5420c3358ec68bd848514da10e2054cc1cc645e
Score: 10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
suricata: ET MALWARE Win32/AZORult V3.3 Client Checkin M6
Executes dropped EXE

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Suspicious use of SetThreadContext