General

  • Target

    Pedido Conman Argentina S.A.L_PR-211299,pdf.exe

  • Size

    157KB

  • Sample

    221005-h4dhssdhbm

  • MD5

    8043e2111c71b1a98a70899dd133c2e3

  • SHA1

    a2519ce801d557ff3e6f34b7df10ac48c0233e9f

  • SHA256

    2c4c53968b0844bfdedf92c1d22a10987d8e0817e47602c1bc0be74762d88ce2

  • SHA512

    282fb8e1aca54b7db5390ed2b703f9c0dba32781b52c513462932c6476b87e3269c1be74583c7a1f2b60f4b123f4d1d0f6cce58ec191d0443ab18c902d0fc849

  • SSDEEP

    3072:clHKJVlxcnu4XGWyzvSeZcRpXygLGJUwbHC7K5+DdabGqu0jf:qK3lunu2xcvlGpigSJNDej5abH7

Malware Config

Extracted

  • Family

    azorult

  • C2

    http://blsrsr.shop/PL341/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks