Overview

overview

10

Static

static

AWB DHL782...df.exe

windows7-x64

10

AWB DHL782...df.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AWB DHL782049 Documento de recepción de octubre,pdf.exe

  • Size

    91KB

  • Sample

    221011-kl1lqaegck

  • MD5

    3bc0908fd9c9459b268ff37e053ee8cd

  • SHA1

    eef10947db904d94a29a0ec1f3fddfc12c4dae8b

  • SHA256

    3d80dc41c5833d53f59c27dc7a35bf9f05849e74701eb64567252152454c2676

  • SHA512

    ed3eb36f9329bf915677b153b18c141bf8d03057a9d459dd122c0767ee7157e445eda0b194cbd1e1133b578908ff333a5a750b8a6ca40be1cdd3575c0b675ed8

  • SSDEEP

    1536:8CknHJa9Knpga/eHUTQQQQQQQBdBgN6b5/2kWSC6WLrFhDvahDvas:8CknHU9Knpga/eHUTQQQQQQkdBft/2Y7

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://141.98.6.75/dike/index.php

Targets

    • Target

      AWB DHL782049 Documento de recepción de octubre,pdf.exe

    • Size

      91KB

    • MD5

      3bc0908fd9c9459b268ff37e053ee8cd

    • SHA1

      eef10947db904d94a29a0ec1f3fddfc12c4dae8b

    • SHA256

      3d80dc41c5833d53f59c27dc7a35bf9f05849e74701eb64567252152454c2676

    • SHA512

      ed3eb36f9329bf915677b153b18c141bf8d03057a9d459dd122c0767ee7157e445eda0b194cbd1e1133b578908ff333a5a750b8a6ca40be1cdd3575c0b675ed8

    • SSDEEP

      1536:8CknHJa9Knpga/eHUTQQQQQQQBdBgN6b5/2kWSC6WLrFhDvahDvas:8CknHU9Knpga/eHUTQQQQQQkdBft/2Y7

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks