General
-
Target
binar.exe
-
Size
112KB
-
Sample
230626-qzv62sag9y
-
MD5
052d81e50ff9da4e815cdbabd15956f1
-
SHA1
c144ddd00166edb900306a55d1706d3f0e02e7a6
-
SHA256
2d6061beff65318f9bb24c262825b4badd66d910d75f7311d849db71d2cc296e
-
SHA512
2cf1ec4334480bf62dc0ee39fed0d5f011fc28dc87b5935e09419a68d1daa9b8569e98d18d6f1ef6989e662cde5161290b3abbbea5721bee43a66dd02ab3e76d
-
SSDEEP
3072:tuOSXpMx7ZAlHsbfUkolNGti7lfqeSxM3SpyEY3E/Ixg/:Zzx7ZApszolIo7lf/ipT/I
Behavioral task
behavioral1
Sample
binar.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
binar.exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
azorult
http://46.183.222.66/stanley1/Panel/index.php
Targets
-
-
Target
binar.exe
-
Size
112KB
-
MD5
052d81e50ff9da4e815cdbabd15956f1
-
SHA1
c144ddd00166edb900306a55d1706d3f0e02e7a6
-
SHA256
2d6061beff65318f9bb24c262825b4badd66d910d75f7311d849db71d2cc296e
-
SHA512
2cf1ec4334480bf62dc0ee39fed0d5f011fc28dc87b5935e09419a68d1daa9b8569e98d18d6f1ef6989e662cde5161290b3abbbea5721bee43a66dd02ab3e76d
-
SSDEEP
3072:tuOSXpMx7ZAlHsbfUkolNGti7lfqeSxM3SpyEY3E/Ixg/:Zzx7ZApszolIo7lf/ipT/I
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-