azorult | 5bf6aa06e097882d54af8a0c43646e1d41379a1ffea8e1db8c6a580d9631f570 | Triage

Sharing

General

Target

5bf6aa06e097882d54af8a0c43646e1d41379a1ffea8e1db8c6a580d9631f570
Size

1.1MB
Sample

220801-tjcxbaddgj
MD5

65155eda022fd171ab983097f2bbe924
SHA1

687d17dccfa13cb5534c1f6729e28cde6e03bcb8
SHA256

5bf6aa06e097882d54af8a0c43646e1d41379a1ffea8e1db8c6a580d9631f570
SHA512

dd6b0bc869d09287ca662e30569c70f09ddd21e26f239fe06c6ee6e8ccdf0c9842c6206476bf4c1d1b1a0a1f11d11fda90c585a9ab6fa9db12e04135a13939ea

Score

10^/10

azorult infostealer persistence trojan

Malware Config

Targets

- Target
  
  5bf6aa06e097882d54af8a0c43646e1d41379a1ffea8e1db8c6a580d9631f570
- Size
  
  1.1MB
- MD5
  
  65155eda022fd171ab983097f2bbe924
- SHA1
  
  687d17dccfa13cb5534c1f6729e28cde6e03bcb8
- SHA256
  
  5bf6aa06e097882d54af8a0c43646e1d41379a1ffea8e1db8c6a580d9631f570
- SHA512
  
  dd6b0bc869d09287ca662e30569c70f09ddd21e26f239fe06c6ee6e8ccdf0c9842c6206476bf4c1d1b1a0a1f11d11fda90c585a9ab6fa9db12e04135a13939ea
Score

10^/10

azorult infostealer persistence trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealerpersistencetrojan

behavioral2

azorultinfostealerpersistencetrojan