Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

6165ccf339...bc.exe

windows7-x64

10

6165ccf339...bc.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6165ccf33902415f411c981a6ce740bc.bin

  • Size

    354KB

  • Sample

    230518-q5e21sbg24

  • MD5

    6165ccf33902415f411c981a6ce740bc

  • SHA1

    45b2bb7295ed87c63fa32d040a3fcb58c9451c1c

  • SHA256

    a7f8ea157b43f41eee62a257ff09d62745fc2951b7fd80edc223b30e4bf5432c

  • SHA512

    769e8a10a2c76fffa8c4d9f9c683c55545e552e12d72da8d6d0f2c1873ea560ea6d5e9dfc6dea63abcf4838c99f0d43ddb31d6ba3feb1f03f3a07d8b4d35703e

  • SSDEEP

    6144:h4SUjhtXAPCRVb0DLj5VpQzmNGxzED+c5H9ByjuGHK2Tb+w/dd4OK/FtbSJPB7A/:6XAPCDgjhQqyzED+c5HHyjO2nHld4dFj

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://gkonekt.shop/PL341/index.php

Targets

    • Target

      6165ccf33902415f411c981a6ce740bc.bin

    • Size

      354KB

    • MD5

      6165ccf33902415f411c981a6ce740bc

    • SHA1

      45b2bb7295ed87c63fa32d040a3fcb58c9451c1c

    • SHA256

      a7f8ea157b43f41eee62a257ff09d62745fc2951b7fd80edc223b30e4bf5432c

    • SHA512

      769e8a10a2c76fffa8c4d9f9c683c55545e552e12d72da8d6d0f2c1873ea560ea6d5e9dfc6dea63abcf4838c99f0d43ddb31d6ba3feb1f03f3a07d8b4d35703e

    • SSDEEP

      6144:h4SUjhtXAPCRVb0DLj5VpQzmNGxzED+c5H9ByjuGHK2Tb+w/dd4OK/FtbSJPB7A/:6XAPCDgjhQqyzED+c5HHyjO2nHld4dFj

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks