Overview

overview

10

Static

static

3

98bf397ff1...dd.exe

windows7-x64

10

98bf397ff1...dd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98bf397ff19c70094ffaeb693de432dd

  • Size

    399KB

  • Sample

    240213-hjwhwabf8t

  • MD5

    98bf397ff19c70094ffaeb693de432dd

  • SHA1

    f8bcee45ec8b9292c3da429257373d6038d9d771

  • SHA256

    c89c584c372e9af3cd4ee7f238948e9b44408e5b617918fa7731c043e6411135

  • SHA512

    7a5af1968e7971c0d142e71af043c234be848f0454f0dcc972271b9ae1661dccd31bf46fc8c3c2204fffd3e94c4a61d1da4826a2bad8d6f21624a982feec6ef1

  • SSDEEP

    12288:mmDI66qVfGBur4mKysJy6ToutvZh7qDOdnegDu5:mmDI61GA8jtPToutvH9neX5

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://cwownola.org/AqwE/index.php

Targets

    • Target

      98bf397ff19c70094ffaeb693de432dd

    • Size

      399KB

    • MD5

      98bf397ff19c70094ffaeb693de432dd

    • SHA1

      f8bcee45ec8b9292c3da429257373d6038d9d771

    • SHA256

      c89c584c372e9af3cd4ee7f238948e9b44408e5b617918fa7731c043e6411135

    • SHA512

      7a5af1968e7971c0d142e71af043c234be848f0454f0dcc972271b9ae1661dccd31bf46fc8c3c2204fffd3e94c4a61d1da4826a2bad8d6f21624a982feec6ef1

    • SSDEEP

      12288:mmDI66qVfGBur4mKysJy6ToutvZh7qDOdnegDu5:mmDI61GA8jtPToutvH9neX5

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks