General

  • Target

    b6149f93bfd5965f6619a10b002baaeb.exe

  • Size

    552KB

  • Sample

    230822-gytr6aad22

  • MD5

    b6149f93bfd5965f6619a10b002baaeb

  • SHA1

    c587df9d164c59c775d8f05aa5988e5fa2538495

  • SHA256

    afc97428348462bec3f5f1a55ff3a39dd7b8c49bad76b784024ad2476ba43172

  • SHA512

    2e95f74b42e789201b73ecb501b25a14b1980a6a745ad471f85e0934bf5077c994ea9bef5fd97653e7bc85a978664b38dac832ec345ec125c79b76a25c057e03

  • SSDEEP

    12288:mYY4WeImE8C2Gu+6WGR9xPhFi2GGQDdJL:mYYn1zu+KXnHQ5d

Malware Config

Extracted

Family

azorult

C2

http://csbo1.shop/MSB01/index.php

Targets

    • Target

      b6149f93bfd5965f6619a10b002baaeb.exe

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
