Overview

overview

10

Static

static

1

Preloan.exe

windows7-x64

10

Preloan.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Preloan.exe

  • Size

    741KB

  • Sample

    231211-ttf2qadch7

  • MD5

    0b96e8a9f710917f8ebbeba13040e308

  • SHA1

    aae0d2dc73cdab47aadab3ba138979824d1b51e9

  • SHA256

    efe86c187239b2975ba8583a09b1d80f12931c88ada677d00acc22d40e8cd268

  • SHA512

    611d851ed35e3e29a5d104c09e1b59a32021248afe172c4bd422e29409619b0aa78e473863d32d093d1176cb66b11d4b2ab1b6af2e3d4fd5cb0fc28761956823

  • SSDEEP

    12288:0qwwbXXyMFqK8FFXePn83m1WR12lWEo/hyBfzj7ELAplrOeC/z3bAdF:3LyM4br3m1ihd4fv7EKrD+zLAdF

Score
10/10
azorultinfostealertrojan

Malware Config

Targets

    • Target

      Preloan.exe

    • Size

      741KB

    • MD5

      0b96e8a9f710917f8ebbeba13040e308

    • SHA1

      aae0d2dc73cdab47aadab3ba138979824d1b51e9

    • SHA256

      efe86c187239b2975ba8583a09b1d80f12931c88ada677d00acc22d40e8cd268

    • SHA512

      611d851ed35e3e29a5d104c09e1b59a32021248afe172c4bd422e29409619b0aa78e473863d32d093d1176cb66b11d4b2ab1b6af2e3d4fd5cb0fc28761956823

    • SSDEEP

      12288:0qwwbXXyMFqK8FFXePn83m1WR12lWEo/hyBfzj7ELAplrOeC/z3bAdF:3LyM4br3m1ihd4fv7EKrD+zLAdF

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks