General
-
Target
igucc.exe
-
Size
593KB
-
Sample
230911-p8hrmsgc79
-
MD5
35951704bf97c135fec65cca9bc2e1c1
-
SHA1
f5232f30da3a3c5df4a6d15aea178059fb14cd89
-
SHA256
932a29dcd8b778f2e7c509b3ef9d732632edc266596bea3ed351803dc08cd5af
-
SHA512
2a7577bd58fcbd7de29746daceca839f799fa0438d9d3d2e331e6a872c15cb634f688b4a6f99d19cc2d16e74d5b8ee091809cad09aa99dfffebb7c6c74532212
-
SSDEEP
12288:Sgm/Sduud+GG2zwcb9ZSNpLen7CgAHWfRdaA:Sg1duud+G0u9ANJM7CCJ
Static task
static1
Behavioral task
behavioral1
Sample
igucc.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
igucc.exe
Resource
win10v2004-20230831-en
Malware Config
Targets
-
-
Target
igucc.exe
-
Score
10/10
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-