General

  • Target: bedece82c85f76f6a9db2f3cb5ba22b6bd88babdad2ce442540fd1a99af29aa0

  • Size: 515KB

  • Sample: 231127-gn4jlsef7z

  • MD5: 748dd04b4a1f7f1f1d46ab2aff77c50d

  • SHA1: 2e0198e0e3f85a067b14ed2bcde0c38259f4fa7c

  • SHA256: bedece82c85f76f6a9db2f3cb5ba22b6bd88babdad2ce442540fd1a99af29aa0

  • SHA512: a892744f271d7d72c115eee2124392fd0403c50e506086be32202d8ff82c7fbb011574ee94a699ac6e1303e40566fa76756b04d6df8ca66710b24c750f00e84e

  • SSDEEP: 12288:G6WcgDjD0Tqf8ltSyftUq6clLmcK5DaHBZp/M+l263LA:GpYanyftznlScK5DGBZxLtLA

Malware Config

Targets

    • Target: swift mesaj 27.11.2023.exe

    • Size: 612KB

    • MD5: 60edb8de9aeae1deeb8668067a28819c

    • SHA1: 1dcc7d649c2303a6a756975ff5222ca6fc534bee

    • SHA256: 6fbb2322f0b5b771ccee2f5002782a2eb4217a8833a5cebab554b2d5a711b0a4

    • SHA512: d598df181dc92a7043976dcd521dcec2cfffb75ca7f8b32cf16cf5803bd3776348e7e9c6bb8975d33a0833094f41579cb7096c1be564e268763bb57f859fe2b5

    • SSDEEP: 12288:b+8XG5SFEyclCv8ep+jhvScK5t2HBZ1/MwhA6zLj:b+8BFslS8ep+jhqcK5tSBZtXrLj

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks