General
-
Target
4F3180A609B4CFAEFC783F8D0465DD4C68E8C710FC828.exe
-
Size
6.3MB
-
Sample
221104-y4zn2aceem
-
MD5
760849ddf1210a72def35b6b047bf495
-
SHA1
8b717819bbd874bdd21af291c79ff0ac856af11a
-
SHA256
4f3180a609b4cfaefc783f8d0465dd4c68e8c710fc8288fdd9cae20038651459
-
SHA512
38e05e1412cca2aede5c6741dbcd01249f3148bfd07e689827bd78600a4a03ae61c2a3b0b175b190cf927a95b165b604e9272343cc6f4fd125ccd532a5e631d0
-
SSDEEP
3072:sr85CobfUkolNGti7lfqeSxM3SpyEYnE/Rxg/GuOSXpMx7ZAlH5:k9ozolIo7lf/ipT/RXzx7ZAp5
Malware Config
Extracted
azorult
http://mzaky.com/wp-content./index.php
Targets
-
-
Target
4F3180A609B4CFAEFC783F8D0465DD4C68E8C710FC828.exe
-
Size
6.3MB
-
MD5
760849ddf1210a72def35b6b047bf495
-
SHA1
8b717819bbd874bdd21af291c79ff0ac856af11a
-
SHA256
4f3180a609b4cfaefc783f8d0465dd4c68e8c710fc8288fdd9cae20038651459
-
SHA512
38e05e1412cca2aede5c6741dbcd01249f3148bfd07e689827bd78600a4a03ae61c2a3b0b175b190cf927a95b165b604e9272343cc6f4fd125ccd532a5e631d0
-
SSDEEP
3072:sr85CobfUkolNGti7lfqeSxM3SpyEYnE/Rxg/GuOSXpMx7ZAlH5:k9ozolIo7lf/ipT/RXzx7ZAp5
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-