azorult | a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc | Triage

Submit
Reports

Overview

overview

Static

static

1

a5bb96d731...fc.exe

windows7-x64

a5bb96d731...fc.exe

windows10-2004-x64

Sharing

General

Target

a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc
Size

616KB
Sample

230316-tqzdwsea5s
MD5

1833589c607ac469b174b2814369ce61
SHA1

cf9f0075bab1121727670149313ad19b4bdd5329
SHA256

a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc
SHA512

66d1b289bb81468a12b105cfc6af6c3ca4ee5f8fdd784604b1153c78fbcd79313374aa29a1b5822d2c5d65df9cc06e43468d1b91c2037e5b0f162e9165d4cf93
SSDEEP

12288:K+KCarVlx6yaKbODxUazPGQoK0dGM0mIf/NLOs9FWGVMD0Fg5X4Un:K+KCapKaUx0K4ILOEWGVMIi5X4Un

Score

10^/10

azorult infostealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc.exe

Resource

win7-20230220-en

azorult infostealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc.exe

Resource

win10v2004-20230221-en

azorult infostealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

azorult

C2

http://188.209.52.233/gate.php

Targets

- Target
  
  a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc
- Size
  
  616KB
- MD5
  
  1833589c607ac469b174b2814369ce61
- SHA1
  
  cf9f0075bab1121727670149313ad19b4bdd5329
- SHA256
  
  a5bb96d731ef58cf17cc579578ab89c7c46f275982be8eb137ff64268dff1efc
- SHA512
  
  66d1b289bb81468a12b105cfc6af6c3ca4ee5f8fdd784604b1153c78fbcd79313374aa29a1b5822d2c5d65df9cc06e43468d1b91c2037e5b0f162e9165d4cf93
- SSDEEP
  
  12288:K+KCarVlx6yaKbODxUazPGQoK0dGM0mIf/NLOs9FWGVMD0Fg5X4Un:K+KCapKaUx0K4ILOEWGVMIi5X4Un
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan

© 2018-2024

Terms | Privacy