Extracted

• • Target

    PURCHASE ORDER.exe

  • Size

    158KB

  • MD5

    ce84573aa1706cc43cc2fea8a1c98447

  • SHA1

    71af640bba2e156311b277f62faa49af184a864b

  • SHA256

    4be5fa9ac61777638bf7550de77fffee6aa150b0e5c55612753f5fe3d931d885

  • SHA512

    e0bb1ab721099aec4ff92c550460e94cc8ef9662a2f44ac977f793bd5d8633b0969ae5c502b2f8dcffb1710f55e63672709a4cab2d4e86a530ed70209bb17aa1

  • SSDEEP

    3072:Gc+LTYERpkurjMNT8dG8LiykZrFMM/j0dRDaUmwb:kLTYm3XsGG8uykxjsDaUmw

  Score

  10^/10

  azorultcollectioninfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Loads dropped DLL

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2