azorult | 7d5f8cf2f98fa8be9f35d28c95b591d54594a4fcc859dacf9662c3dbdc5a3ed6 | Triage

Sharing

General

Target

E-dekont.exe
Size

1.2MB
Sample

231207-jgyqwshheq
MD5

e6542eb60b7322dcd00dd536ce06dfde
SHA1

82efa9894b09019a4bba652a9f235943d650a46f
SHA256

7d5f8cf2f98fa8be9f35d28c95b591d54594a4fcc859dacf9662c3dbdc5a3ed6
SHA512

71a79076e9681c1201752a1e236d138ad38598b7314df985f70a4af95d9cfcfa6092a783d0c5ad9136cb9fe953803c648ea2e3f0003c67c81a77761464187713
SSDEEP

24576:8Fd6JansCMY5ORrtOCmuUgT6PHJ/qRZOOIRvdkTX8HWl83I:od/5irtD/ReqRZGSX8g83I

Score

10^/10

azorult infostealer trojan

Malware Config

Targets

- Target
  
  E-dekont.exe
- Size
  
  1.2MB
- MD5
  
  e6542eb60b7322dcd00dd536ce06dfde
- SHA1
  
  82efa9894b09019a4bba652a9f235943d650a46f
- SHA256
  
  7d5f8cf2f98fa8be9f35d28c95b591d54594a4fcc859dacf9662c3dbdc5a3ed6
- SHA512
  
  71a79076e9681c1201752a1e236d138ad38598b7314df985f70a4af95d9cfcfa6092a783d0c5ad9136cb9fe953803c648ea2e3f0003c67c81a77761464187713
- SSDEEP
  
  24576:8Fd6JansCMY5ORrtOCmuUgT6PHJ/qRZOOIRvdkTX8HWl83I:od/5irtD/ReqRZGSX8g83I
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Loads dropped DLL
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan