azorult | 892fe91631a832b3979b8d0bcc771ce292533a6d7444e07f5c7cc390c226a4b4 | Triage

Sharing

General

Target

RFQ101022-Caliber Fasteners.exe
Size

885KB
Sample

221018-h4x77sfbep
MD5

87f22a4a7bb3f9636ef819acc6e4da55
SHA1

701308bb1ff607d31599a4a5d4fc7f65a8888095
SHA256

892fe91631a832b3979b8d0bcc771ce292533a6d7444e07f5c7cc390c226a4b4
SHA512

b69a6e652c9a9b55cf5f0b55c5e40c528f7b0d8fc0bee6e8434ed852a51d22a729489d04be6070cf0c7d5b1da277eb66c4b64e108f43208c284889d8acae14f8
SSDEEP

12288:uTQO2iNpJkhtOj+35KxkuDw99/nAjvyosfXA3ZJJZu:sD1ktOj+35Kx1DwH4jDs/A3ZTZ

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://leig.shop/leig/index.php

Targets

- Target
  
  RFQ101022-Caliber Fasteners.exe
- Size
  
  885KB
- MD5
  
  87f22a4a7bb3f9636ef819acc6e4da55
- SHA1
  
  701308bb1ff607d31599a4a5d4fc7f65a8888095
- SHA256
  
  892fe91631a832b3979b8d0bcc771ce292533a6d7444e07f5c7cc390c226a4b4
- SHA512
  
  b69a6e652c9a9b55cf5f0b55c5e40c528f7b0d8fc0bee6e8434ed852a51d22a729489d04be6070cf0c7d5b1da277eb66c4b64e108f43208c284889d8acae14f8
- SSDEEP
  
  12288:uTQO2iNpJkhtOj+35KxkuDw99/nAjvyosfXA3ZJJZu:sD1ktOj+35Kx1DwH4jDs/A3ZTZ
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan