Extracted

• • Target

    DHLFreight.TR, pdf.exe

  • Size

    155KB

  • MD5

    4d4654e4ac669d5f4eaa278ab91153d2

  • SHA1

    9adbd5a83f3393a6b270b1492f891de0f2d9f5c2

  • SHA256

    b17982b84d161b4f3071af6cedb687b80569aff940441f244642599f0eb2f8a0

  • SHA512

    34f902900f7da2dc83649ddb8c75d07a2604881ae58e0658145bbb189492c3539b502333d5c2baa5fd1a156007681a9c483d97bcfdc768d114e48348fa9efc78

  • SSDEEP

    3072:mNLTkCi4InQeMjIrWKFLtV65IP3NjkzjVJ7gyLtYfHm:m5TQnQeMk1tVtmzv/6G

  Score

  10^/10

  azorultcollectioninfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Loads dropped DLL

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2