azorult | 4b68dccffb6601d78041a03d53b92fc1a29f9300a0b3af086be054895172cb17 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

M810107.exe

windows7-x64

M810107.exe

windows10-2004-x64

Sharing

General

Target

M810107.exe
Size

168KB
Sample

230509-x7xheadg79
MD5

c2e9eeed123e767722b9c6d98f6669d3
SHA1

4db6f259a29564c8a57b8af23ab4f48cdb74989e
SHA256

4b68dccffb6601d78041a03d53b92fc1a29f9300a0b3af086be054895172cb17
SHA512

1b41dedc441ffe31e2a269a170f980f54d585100bc9d1e585bea6d1da1757809d404d33b232177d321a0d882e39cf9834c2f470c7383093cb231a2ad32116856
SSDEEP

3072:EwJ52Y7ZoH5XJaqKz8HIoLmMRmWzjDROnhkOZoaF80hqt2xVsXXJGhbc09VLM4LY:EwHysqKzL8AMjEdbhHVWEhhVdLY

Score

10^/10

azorult guloader discovery downloader infostealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

M810107.exe

Resource

win7-20230220-en

guloader discovery downloader

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

M810107.exe

Resource

win10v2004-20230220-en

azorult guloader discovery downloader infostealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

azorult

C2

http://gkonekt.shop/PL341/index.php

Targets

- Target
  
  M810107.exe
- Size
  
  168KB
- MD5
  
  c2e9eeed123e767722b9c6d98f6669d3
- SHA1
  
  4db6f259a29564c8a57b8af23ab4f48cdb74989e
- SHA256
  
  4b68dccffb6601d78041a03d53b92fc1a29f9300a0b3af086be054895172cb17
- SHA512
  
  1b41dedc441ffe31e2a269a170f980f54d585100bc9d1e585bea6d1da1757809d404d33b232177d321a0d882e39cf9834c2f470c7383093cb231a2ad32116856
- SSDEEP
  
  3072:EwJ52Y7ZoH5XJaqKz8HIoLmMRmWzjDROnhkOZoaF80hqt2xVsXXJGhbc09VLM4LY:EwHysqKzL8AMjEdbhHVWEhhVdLY
Score

10^/10

guloader discovery downloader azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

azorultguloaderdiscoverydownloaderinfostealertrojan

© 2018-2025

Terms | Privacy