Extracted

• • Target

    c0316d5c80857827ac28d2cbabef2f7a661cc935365d930f32b863918db01d20.exe

  • Size

    112KB

  • MD5

    6bde457b4e7657ce11b0ad1cc5574ff2

  • SHA1

    50db27d00a0167e62ddceb67803eae86ac765df5

  • SHA256

    c0316d5c80857827ac28d2cbabef2f7a661cc935365d930f32b863918db01d20

  • SHA512

    13295450b78db501d96633de24e7b41b7a63f9c440e404bc8012440c6c73ef80fb792bac3a200859d74b7cc219d3e7e1cedc679c5d51a84fc0747e603366549e

  • SSDEEP

    3072:KExRaQ6raoCoCyz6/mqv1JR+yBtGOeaeWginq:faO1tme++wiq

  Score

  10^/10

  azorultcollectiondiscoveryinfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Deletes itself

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2