General

  • Target: 3bdcfffd58d9c5765825f4ef7d42d75b9d2aec412f0b35dbd0298a51474ce0ec
  • Size: 582KB
  • Sample: 220703-lc5pradear
  • MD5: 38d328dd86ebad6931208bc20280fcda
  • SHA1: 89a9285ea26ff51212e7cbb68cbccfd6c262c296
  • SHA256: 3bdcfffd58d9c5765825f4ef7d42d75b9d2aec412f0b35dbd0298a51474ce0ec
  • SHA512: 5b2324b74cec5bf6c2632f453e7dc397a7fcd7f1977f17dd2e085a047f3aed0b1caecc40cbf1b3e0b009b1ec75aa2b2d7872fe91bff574af5b3e4df43f868d94

Malware Config

Extracted

  • Family: azorult
  • C2: http://projectkanor.bit/az/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Suspicious use of SetThreadContext
