Overview

overview

10

Static

static

lZSrXwYDDkbZYDN.exe

windows7-x64

10

lZSrXwYDDkbZYDN.exe

windows10-2004-x64

10

f2d7275a65...1f.exe

windows7-x64

10

f2d7275a65...1f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8030816201.zip

  • Size

    1.5MB

  • Sample

    220928-h32h8sgddl

  • MD5

    20042bf2ef41f7e46715c00aa86fd651

  • SHA1

    3de849099762ae40c02e93ef860b92178430481e

  • SHA256

    a1ec760dbe6e44ec5a070d8e967cf25fb54ef1981a6f2f3cb2cb4f861e0ac461

  • SHA512

    4fdd76022919e4e797dbc13ef932bf3969afb010139118fea7a3f46be6ccf0397b2170806fe3176dcb7c16756d12989c8a11023005753a8c545e02a80574b5b2

  • SSDEEP

    49152:LnkdVLpAWHXuxJIepi0FHcPtr74Mmth/4Lt:Lnk/bCsEcpCwh

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://ble33n.shop/PL341/index.php

Targets

    • Target

      lZSrXwYDDkbZYDN.exe

    • Size

      1002KB

    • MD5

      416f3e2e12938b9627f1b898ad4a689b

    • SHA1

      c1a34c536411f34b75c633a6551e0e78b92662c2

    • SHA256

      f2d7275a6557c9fa6501794d6f12155813e1ffc672f65f349d3b404952b4701f

    • SHA512

      900f606532caf15e1ecd1c6f4ce97a746774f20f549ab090420be151c293bfa39b364d6857b4c6d87162f53f13a941ce66ecece6e2c1f6978e1978ba9204bb06

    • SSDEEP

      12288:Zqv+9fw2iNuthqXcsFEYpl8/qSLeQB9PR5ZnaOrRtIE+PPh3+MkorlulYxRqRlr:ZqMo14hqXZoXeYvX9UxCmlVAST

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      f2d7275a6557c9fa6501794d6f12155813e1ffc672f65f349d3b404952b4701f

    • Size

      1002KB

    • MD5

      416f3e2e12938b9627f1b898ad4a689b

    • SHA1

      c1a34c536411f34b75c633a6551e0e78b92662c2

    • SHA256

      f2d7275a6557c9fa6501794d6f12155813e1ffc672f65f349d3b404952b4701f

    • SHA512

      900f606532caf15e1ecd1c6f4ce97a746774f20f549ab090420be151c293bfa39b364d6857b4c6d87162f53f13a941ce66ecece6e2c1f6978e1978ba9204bb06

    • SSDEEP

      12288:Zqv+9fw2iNuthqXcsFEYpl8/qSLeQB9PR5ZnaOrRtIE+PPh3+MkorlulYxRqRlr:ZqMo14hqXZoXeYvX9UxCmlVAST

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks