General
-
Target
DHL-119040 de recibo,pdf.exe
-
Size
170KB
-
Sample
220924-jpac9scbck
-
MD5
6312926cd48cff0cb0ab63a76d3e45f2
-
SHA1
989bb1370188e7de859b5d8d8b9e41f6e6e53bae
-
SHA256
20eb16150dc493901670bd428b72eaa88f8c575bded5d9df8cf174e70c4e2e2c
-
SHA512
7f2b5094926644ee65013f2da1736cc9d63090891faf5ba2b6511902f0785deb83fc91468ac052a9f57dc410d9fe46bb536a5bf9aacf0c7f91f1a01a3760c780
-
SSDEEP
3072:HFIJLYc0HyU1dy1eVhBTwXdHPrItwrq3EIBAm35pOFPjKy7wq:HFQpU1dke1EXdHPKw23EF
Static task
static1
Behavioral task
behavioral1
Sample
DHL-119040 de recibo,pdf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
DHL-119040 de recibo,pdf.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
azorult
http://kngpdrp.shop/PL341/index.php
Targets
-
-
Target
DHL-119040 de recibo,pdf.exe
-
Size
170KB
-
MD5
6312926cd48cff0cb0ab63a76d3e45f2
-
SHA1
989bb1370188e7de859b5d8d8b9e41f6e6e53bae
-
SHA256
20eb16150dc493901670bd428b72eaa88f8c575bded5d9df8cf174e70c4e2e2c
-
SHA512
7f2b5094926644ee65013f2da1736cc9d63090891faf5ba2b6511902f0785deb83fc91468ac052a9f57dc410d9fe46bb536a5bf9aacf0c7f91f1a01a3760c780
-
SSDEEP
3072:HFIJLYc0HyU1dy1eVhBTwXdHPrItwrq3EIBAm35pOFPjKy7wq:HFQpU1dke1EXdHPKw23EF
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-