General

  • Target

    8afe5af9dd81eebcda9b84b6d5b792bda8ecfea5bcf710fe5db6c72577317e40

  • Size

    509KB

  • Sample

    220701-hjha9agdgj

  • MD5

    fa682f97cf7b490a70b0eedc9009a952

  • SHA1

    2d827fbbf53e997ed4e8f76cb553fa41731bd11c

  • SHA256

    8afe5af9dd81eebcda9b84b6d5b792bda8ecfea5bcf710fe5db6c72577317e40

  • SHA512

    d2d85fab6c699908c45337d6de31ffe626a29643c15f62378b358281ecdb7cffa45d32e6abed65dfc08c64039b1a3f5769877f81099cf8fb86407df0f04d20bb

Malware Config

Extracted

  • Family

    azorult

  • C2

    http://ashyellow.ga/ken/32/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext