azorult | e53d95848197304e8393ae5576971d3a7f06a39e2024d9a22d2c81f04eacb818 | Triage

Sharing

General

Target

fd6e71b54b99e511b6ee1d080b5704ad.bin
Size

652KB
Sample

231213-est5magaar
MD5

68e34efe1f7baf87410f85951e83a3a1
SHA1

95e280286473a447a69f6dd66e9ae2b1c71bff00
SHA256

e53d95848197304e8393ae5576971d3a7f06a39e2024d9a22d2c81f04eacb818
SHA512

216abc870abdb54db91aadaf1a7cac41ce7defabbed7d806697f1fa25bdfa871e715c9b32ac7234689d2164b4e88194a0ad71770a0980b7c9f9caacb391eea4c
SSDEEP

12288:mFzKrDDaEtSMU3JGK7whHb4LCZ+JP5Qwpib9Z8dLt1TSbAYt7uTJ:SzsaE/UEK7EHkLCZ+JhQwpiYdLt1TKA1

Score

10^/10

azorult infostealer trojan

Malware Config

Targets

- Target
  
  46c4967e83a9a7f9cc87bceee586824640105f6bfddc89698684b374870023d9.exe
- Size
  
  768KB
- MD5
  
  fd6e71b54b99e511b6ee1d080b5704ad
- SHA1
  
  2a30b0a671807d966b44d8c743413f82945adf78
- SHA256
  
  46c4967e83a9a7f9cc87bceee586824640105f6bfddc89698684b374870023d9
- SHA512
  
  aaeca03e8072c86474238351250329ceb505b77415c65a43404c586657b25a7c3cd71eec862fbf35b255aa48b23d70dad0ca6bf47d67ccf9c8681c3a3404e3d3
- SSDEEP
  
  12288:+qwwbXXytzEDujljpEbPLJspWYBeDZFIi/c+o/hyBfzj7ELAplrOeC/z3bAdJv:NLytM2lSjY1DL4fv7EKrD+zLAd5
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

azorultinfostealertrojan