azorult | 1521915bc1bde69c80a1d12af9c9ecbf8dc7ae534256ee71b28cbb2571fc0db0 | Triage

Sharing

General

Target

1521915bc1bde69c80a1d12af9c9ecbf8dc7ae534256ee71b28cbb2571fc0db0
Size

749KB
Sample

240108-stn7nacdgn
MD5

ee5f01b060e00b9558d2dd420c641cce
SHA1

eeab30b93ef46273415db6a91cd3c3b8282dd05d
SHA256

1521915bc1bde69c80a1d12af9c9ecbf8dc7ae534256ee71b28cbb2571fc0db0
SHA512

1aced648699bc70d562301c8b7a2a2308122bc5b510422d76fad2376ae7822cf2f0dd6ad75dbd0ca39489d251e2ddaf873878403ac9f3128420e85faacd723a4
SSDEEP

12288:NqwwbXXyHj41erJgBCRMI8dTA+jBjZTo/hyBfzj7ELAplrOeC/z3bAdG:2LyDri9ZdHBj84fv7EKrD+zLAdG

Score

10^/10

azorult infostealer trojan

Malware Config

Targets

- Target
  
  1521915bc1bde69c80a1d12af9c9ecbf8dc7ae534256ee71b28cbb2571fc0db0
- Size
  
  749KB
- MD5
  
  ee5f01b060e00b9558d2dd420c641cce
- SHA1
  
  eeab30b93ef46273415db6a91cd3c3b8282dd05d
- SHA256
  
  1521915bc1bde69c80a1d12af9c9ecbf8dc7ae534256ee71b28cbb2571fc0db0
- SHA512
  
  1aced648699bc70d562301c8b7a2a2308122bc5b510422d76fad2376ae7822cf2f0dd6ad75dbd0ca39489d251e2ddaf873878403ac9f3128420e85faacd723a4
- SSDEEP
  
  12288:NqwwbXXyHj41erJgBCRMI8dTA+jBjZTo/hyBfzj7ELAplrOeC/z3bAdG:2LyDri9ZdHBj84fv7EKrD+zLAdG
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan