azorult | 61335c8beebcfeaee694ab76e732d3b2a4cf41302a0e1ae47983b7b8f9ba7e8e | Triage

Analysis

max time kernel
28s
max time network
58s
platform
windows7_x64
resource
win7-20220718-en
resource tags

arch:x64arch:x86image:win7-20220718-enlocale:en-usos:windows7-x64system
submitted
30-07-2022 21:53

Sharing

Report Analysis Logs

General

Target

61335c8beebcfeaee694ab76e732d3b2a4cf41302a0e1ae47983b7b8f9ba7e8e.exe
Size

155KB
MD5

742e4a47963b3546c5fb3e8588d6e5d9
SHA1

555ceec795236da78a9501800ecb388b9e418621
SHA256

61335c8beebcfeaee694ab76e732d3b2a4cf41302a0e1ae47983b7b8f9ba7e8e
SHA512

1a4181157266446430ddfde03f9aa3ea1c29bb9043de7056e0a7d3a4d6ff289c93368defe7062196d1d5322b2ad40ed01608577ae5d481688cb59be7a905c638

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://gtfurobertopol.org/index.php

Signatures

Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
trojan infostealer azorult

C:\Users\Admin\AppData\Local\Temp\61335c8beebcfeaee694ab76e732d3b2a4cf41302a0e1ae47983b7b8f9ba7e8e.exe
"C:\Users\Admin\AppData\Local\Temp\61335c8beebcfeaee694ab76e732d3b2a4cf41302a0e1ae47983b7b8f9ba7e8e.exe"
1⤵
PID:888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/888-54-0x0000000000518000-0x0000000000529000-memory.dmp

Filesize
68KB

Download
memory/888-55-0x0000000075A61000-0x0000000075A63000-memory.dmp

Filesize
8KB

Download
memory/888-57-0x0000000000400000-0x000000000042D000-memory.dmp

Filesize
180KB

Download
memory/888-56-0x0000000000518000-0x0000000000529000-memory.dmp

Filesize
68KB

Download
memory/888-58-0x0000000000518000-0x0000000000529000-memory.dmp

Filesize
68KB

Download
memory/888-59-0x0000000000518000-0x0000000000529000-memory.dmp

Filesize
68KB

Download
memory/888-60-0x0000000000400000-0x000000000042D000-memory.dmp

Filesize
180KB

Download