General
-
Target
7406da890d87374ab8f524683aef1c11f201068b95095aa20ac3712daaa0c5b3.exe
-
Size
1.5MB
-
Sample
240221-wc29qsda45
-
MD5
ef25ff0d23d8da1b5250fd896896f53e
-
SHA1
390d474c015306ebd252978d7dba78720238543b
-
SHA256
7406da890d87374ab8f524683aef1c11f201068b95095aa20ac3712daaa0c5b3
-
SHA512
976a67d43491a9b81ee04bb9fc80fc2f08c8b4415bbffad50be1a6e67912cb5995cbded04990397df78af785c60bbf89a1d1d0626aca1ec091344293424ea49d
-
SSDEEP
49152:FTvC/MTQYxsWR7acyejdjIQl6kX7sXf8n0irmNmSb6HCjsZ:pjTQYxsWR5yejdjIQl6kX7sXf8nzrm8l
Static task
static1
Behavioral task
behavioral1
Sample
7406da890d87374ab8f524683aef1c11f201068b95095aa20ac3712daaa0c5b3.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
azorult
http://mhlc.shop/MC341/index.php
Targets
-
-
Target
7406da890d87374ab8f524683aef1c11f201068b95095aa20ac3712daaa0c5b3.exe
-
Size
1.5MB
-
MD5
ef25ff0d23d8da1b5250fd896896f53e
-
SHA1
390d474c015306ebd252978d7dba78720238543b
-
SHA256
7406da890d87374ab8f524683aef1c11f201068b95095aa20ac3712daaa0c5b3
-
SHA512
976a67d43491a9b81ee04bb9fc80fc2f08c8b4415bbffad50be1a6e67912cb5995cbded04990397df78af785c60bbf89a1d1d0626aca1ec091344293424ea49d
-
SSDEEP
49152:FTvC/MTQYxsWR7acyejdjIQl6kX7sXf8n0irmNmSb6HCjsZ:pjTQYxsWR5yejdjIQl6kX7sXf8nzrm8l
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-