azorult | 77e59fa0c68be872f75c4b91edf6922ee59ff33616be36c8643fb66f277e6122 | Triage

Sharing

General

Target

0aaf1bfa50ed1998cc04d6d82632c4f6183987b0.exe
Size

129KB
Sample

221129-sgrf9adf3z
MD5

f400146d3acb290a59f71ab950c7fbed
SHA1

0aaf1bfa50ed1998cc04d6d82632c4f6183987b0
SHA256

77e59fa0c68be872f75c4b91edf6922ee59ff33616be36c8643fb66f277e6122
SHA512

b532e8c24a102bf153976570ff410c3f989b3d00c502ca3c3962355ce446250137cc66597ba7eb8f9540082afc61d1fcb7aa8312dac0d8d05378350327e5f91a
SSDEEP

3072:5xhlHkpmE0OS3C0jioXY7dtcwjT1z0gR0pS7whfpn:brHo0OSxjWL7ZqpS7wlp

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

https://discaredforftp.000webhostapp.com/

Targets

- Target
  
  0aaf1bfa50ed1998cc04d6d82632c4f6183987b0.exe
- Size
  
  129KB
- MD5
  
  f400146d3acb290a59f71ab950c7fbed
- SHA1
  
  0aaf1bfa50ed1998cc04d6d82632c4f6183987b0
- SHA256
  
  77e59fa0c68be872f75c4b91edf6922ee59ff33616be36c8643fb66f277e6122
- SHA512
  
  b532e8c24a102bf153976570ff410c3f989b3d00c502ca3c3962355ce446250137cc66597ba7eb8f9540082afc61d1fcb7aa8312dac0d8d05378350327e5f91a
- SSDEEP
  
  3072:5xhlHkpmE0OS3C0jioXY7dtcwjT1z0gR0pS7whfpn:brHo0OSxjWL7ZqpS7wlp
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2