azorult | 69a57287ae2ff41565e572f7b36f3144ea8b5cfb38f5137540699fb00ff98775 | Triage

Sharing

General

Target

69a57287ae2ff41565e572f7b36f3144ea8b5cfb38f5137540699fb00ff98775
Size

576KB
Sample

220731-h7pegaech6
MD5

4cb66a8e9316b972da7edc116174671a
SHA1

92ae9e22fac220e782bce5fbb9679473e33a9771
SHA256

69a57287ae2ff41565e572f7b36f3144ea8b5cfb38f5137540699fb00ff98775
SHA512

e44f9030b7c1ce855cd340580b4248c5d73df0b89a7c18dfee798a489eeddba99b4c4b55cebf6ce7fcc2317062a6435362be1452fd036a2c6d95890b4a36a21b

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://aviskarprl.co.in/cgi/index.php

Targets

- Target
  
  69a57287ae2ff41565e572f7b36f3144ea8b5cfb38f5137540699fb00ff98775
- Size
  
  576KB
- MD5
  
  4cb66a8e9316b972da7edc116174671a
- SHA1
  
  92ae9e22fac220e782bce5fbb9679473e33a9771
- SHA256
  
  69a57287ae2ff41565e572f7b36f3144ea8b5cfb38f5137540699fb00ff98775
- SHA512
  
  e44f9030b7c1ce855cd340580b4248c5d73df0b89a7c18dfee798a489eeddba99b4c4b55cebf6ce7fcc2317062a6435362be1452fd036a2c6d95890b4a36a21b
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan