Overview

overview

10

Static

static

1

Q-1479-R-F...NE.exe

windows7-x64

10

Q-1479-R-F...NE.exe

windows10-1703-x64

10

Q-1479-R-F...NE.exe

windows10-2004-x64

Resubmissions

14-12-2023 20:55

231214-zqktdshhb4 10

14-12-2023 20:38

231214-zeyacagdhj 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Q-1479-R-FRONTLINE.exe

  • Size

    1.9MB

  • Sample

    231214-zeyacagdhj

  • MD5

    53e3342cba72b85c7f0450d9ffc20139

  • SHA1

    7d5938767ca1c30f697f8d94de6f0ae69c99cbd8

  • SHA256

    c4f52acd406bc725b166739ea9a85ac80c4ecb0ba9c8c7ef32660912ed2749f4

  • SHA512

    c4b683f7f378a76f50435356f6dcf917398f2accc1d7841ede1e9bc869e56dab9bffb650e8dedca526fa49e1fa1935484f421a69f8703aa8637f0467d1ee312e

  • SSDEEP

    49152:wp6OlSXZoTetdC4O4TvRK2yrmA7BHH4u9xkfL:9e+vOOK2y6kFH9KfL

Score
10/10
azorultguloaderdownloaderinfostealertrojan

Malware Config

Targets

    • Target

      Q-1479-R-FRONTLINE.exe

    • Size

      1.9MB

    • MD5

      53e3342cba72b85c7f0450d9ffc20139

    • SHA1

      7d5938767ca1c30f697f8d94de6f0ae69c99cbd8

    • SHA256

      c4f52acd406bc725b166739ea9a85ac80c4ecb0ba9c8c7ef32660912ed2749f4

    • SHA512

      c4b683f7f378a76f50435356f6dcf917398f2accc1d7841ede1e9bc869e56dab9bffb650e8dedca526fa49e1fa1935484f421a69f8703aa8637f0467d1ee312e

    • SSDEEP

      49152:wp6OlSXZoTetdC4O4TvRK2yrmA7BHH4u9xkfL:9e+vOOK2y6kFH9KfL

    Score
    10/10
    azorultguloaderdownloaderinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks