Overview

overview

10

Static

static

QUOTATION100722.exe

windows7-x64

10

QUOTATION100722.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    QUOTATION100722.exe

  • Size

    1.1MB

  • Sample

    221012-bp88lacag3

  • MD5

    47118e9dbe01aff26c2d745c5de287f1

  • SHA1

    92693b6fcd143c5256aeca574f2637215a7b63f9

  • SHA256

    ddf04fa5a3491fe9fd6b8638e56a55671e551135700a2ac79471cbdb7bce4832

  • SHA512

    507245e2281fb053d7372c357c8b9eac8a65d3f4a254c95f0e1fc88ee825f7f987dd4c91cc25dcfbc88fa1eea9a4c2e8958e8ac1b6979ce9dbb140dfe9bb103d

  • SSDEEP

    12288:p2iNCJ2un7NhZGCzMbrB1dbCJOVMn8dMyNNTKKeBnY6v6nnjqKoe:p1pQFGCwbF19CSdMyN7QYm6nnjqKoe

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://leig.shop/leig/index.php

Targets

    • Target

      QUOTATION100722.exe

    • Size

      1.1MB

    • MD5

      47118e9dbe01aff26c2d745c5de287f1

    • SHA1

      92693b6fcd143c5256aeca574f2637215a7b63f9

    • SHA256

      ddf04fa5a3491fe9fd6b8638e56a55671e551135700a2ac79471cbdb7bce4832

    • SHA512

      507245e2281fb053d7372c357c8b9eac8a65d3f4a254c95f0e1fc88ee825f7f987dd4c91cc25dcfbc88fa1eea9a4c2e8958e8ac1b6979ce9dbb140dfe9bb103d

    • SSDEEP

      12288:p2iNCJ2un7NhZGCzMbrB1dbCJOVMn8dMyNNTKKeBnY6v6nnjqKoe:p1pQFGCwbF19CSdMyN7QYm6nnjqKoe

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks