Overview

overview

10

Static

static

1

fcrtrtosk.exe

windows7-x64

10

fcrtrtosk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fcrtrtosk.exe

  • Size

    524KB

  • Sample

    220731-ft1t8sagbq

  • MD5

    5a4161dea2860628bfb4498095861d2a

  • SHA1

    32c2755cef13d0937c43424576dfef27d52c496d

  • SHA256

    9ffd17a68654d3474794940762417fe1bc39a5ea87ce5877daa135ac783273e8

  • SHA512

    b7775c1d7059c104aedfb97b46433e35418e9a6bf37ef43348b1c6a9aaa614174d5b3ba9436a733028f25648be48b62be16013ab7fc03b6946eaab0768ca46af

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://houseluxury-re.ch/toskulo/PL341/index.php

Targets

    • Target

      fcrtrtosk.exe

    • Size

      524KB

    • MD5

      5a4161dea2860628bfb4498095861d2a

    • SHA1

      32c2755cef13d0937c43424576dfef27d52c496d

    • SHA256

      9ffd17a68654d3474794940762417fe1bc39a5ea87ce5877daa135ac783273e8

    • SHA512

      b7775c1d7059c104aedfb97b46433e35418e9a6bf37ef43348b1c6a9aaa614174d5b3ba9436a733028f25648be48b62be16013ab7fc03b6946eaab0768ca46af

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks