azorult | 7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96

Analysis

max time kernel
136s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
25-07-2022 05:11

Target

7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96.exe
Size

259KB
MD5

e1d15bc2bba8a703e58d9e844079f8c3
SHA1

1b6b3448e82557b750df3b4bf251246745d5afdd
SHA256

7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96
SHA512

c7172cee3931e4495a3c792c3e65de660be14f47b091a2bd00cece50079623cec7f15813d78aeca2162cebcf2333eb2941105b956b0f7de7915532e4e13e4558

Score

10^/10

Family

azorult

http://195.245.112.115/index.php

Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
trojan infostealer azorult
suricata: ET MALWARE Win32/AZORult V3.3 Client Checkin M14
suricata: ET MALWARE Win32/AZORult V3.3 Client Checkin M14
suricata
Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3156 2136 WerFault.exe 7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96.exe

pid	pid_target	process	target process
3156	2136	WerFault.exe	7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96.exe

C:\Users\Admin\AppData\Local\Temp\7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96.exe
"C:\Users\Admin\AppData\Local\Temp\7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96.exe"
1⤵
PID:2136

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2136 -s 988
2⤵
- Program crash
PID:3156

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 204 -p 2136 -ip 2136
1⤵
PID:692

memory/2136-130-0x0000000000F37000-0x0000000000F49000-memory.dmp

Filesize
72KB

Download
memory/2136-131-0x0000000000F37000-0x0000000000F49000-memory.dmp

Filesize
72KB

Download
memory/2136-132-0x0000000000400000-0x0000000000C48000-memory.dmp

Filesize
8.3MB

Download