Extracted

• • Target

    612094e1ef1469330d6caf115e1072b5b9d308f9e0a7501cc7168bad9f829438

  • Size

    550KB

  • MD5

    e765ff6c7fee937fa2ebc598a94d591b

  • SHA1

    0228e998444f970e35fcf377cb7508330af1c510

  • SHA256

    612094e1ef1469330d6caf115e1072b5b9d308f9e0a7501cc7168bad9f829438

  • SHA512

    e028d36621d02d0cbbd5bc88996b0b9fe7469d422402a31bf25ff03f2a650732b6bc800623e49c380b72a6f3449a52d76fe2f68350503ba4cc8089578f14c719

  Score

  10^/10

  azorultinfostealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2