General

  • Target

    dfcc13bc3f0ce4265a473d078cabb900080b5ecdd1c4f75c8b69f2e773a962c8

  • Size

    170KB

  • Sample

    220701-gyj8qafchl

  • MD5

    7fb86ffdda28186e53caea3086f438ed

  • SHA1

    7acedecae143c2080ba9883179634cb5490318e1

  • SHA256

    dfcc13bc3f0ce4265a473d078cabb900080b5ecdd1c4f75c8b69f2e773a962c8

  • SHA512

    f5d044ac15599226aaddbacab90c029d3e01fcef2b02692ecb9ba5097dc5d30271541a5ade2eea1a0f706d22381bd4cd4a147ba70d87a935745d22a2c9d7b7bb

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Suspicious use of SetThreadContext
