General
-
Target
1132.xls
-
Size
1.1MB
-
Sample
231211-ssqdbsaegl
-
MD5
15a4cb54baeca1e5a1a8fea8483ca1af
-
SHA1
6f24d08fd83320e303d0cb3b48a2ba029b783d38
-
SHA256
1cec950b5a2818af2a8419bac0f55467a9334824f86a060a1b4f555dfa4dfd1b
-
SHA512
4d46852dad6e3294f2dbe65b10546104e711fd70a46466d895e19c0ebd8be0575796fe958ccc536ffe8abec2749f320160ed96115f1f1abdecfec1482cdde445
-
SSDEEP
24576:Aw6/4ZyEAXZSqQw6/VZyuAXZSHN8Ow7cIP/BHzxatjU258wdy:b6/qKEG6//IEat7jPNlUjUm8K
Static task
static1
Behavioral task
behavioral1
Sample
1132.xls
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
1132.xls
Resource
win10v2004-20231130-en
Malware Config
Targets
-
Target
1132.xls
-
Score
10/10
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-