azorult | bdd500e8d7fadf83d80b3e1e6affbf60af92dff9d0b902b353e6ddad657445da | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

cb1fef1a16...d9.exe

windows7-x64

cb1fef1a16...d9.exe

windows10-2004-x64

Sharing

General

Target

cb1fef1a16b7fc3851b569ffb51e17d9
Size

353KB
Sample

240315-l4ebwadf9x
MD5

cb1fef1a16b7fc3851b569ffb51e17d9
SHA1

00373b44ad8558dd23832f3aba6b031acbad706e
SHA256

bdd500e8d7fadf83d80b3e1e6affbf60af92dff9d0b902b353e6ddad657445da
SHA512

0e1650bc41854d87dbef66870e300b52b6bf5fdd66af7753098d3711acea1deae18241cad26b7839bcfbd4a0eccadbec3502b613046cc0a1de3b1b3649d8d016
SSDEEP

6144:36wEc0lyFFVFCTkeiNRTD2dWlKItfK6ioAjVQ5qvfJX73aAtxzxCmJ1X3XCjC6:KwEZuFVk4eiHCiKWfooAjGovfND5xzxP

Score

10^/10

azorult zgrat infostealer rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

cb1fef1a16b7fc3851b569ffb51e17d9.exe

Resource

win7-20240220-en

azorult zgrat infostealer rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

cb1fef1a16b7fc3851b569ffb51e17d9.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

azorult

C2

http://203.159.80.118/PL341/index.php

Targets

- Target
  
  cb1fef1a16b7fc3851b569ffb51e17d9
- Size
  
  353KB
- MD5
  
  cb1fef1a16b7fc3851b569ffb51e17d9
- SHA1
  
  00373b44ad8558dd23832f3aba6b031acbad706e
- SHA256
  
  bdd500e8d7fadf83d80b3e1e6affbf60af92dff9d0b902b353e6ddad657445da
- SHA512
  
  0e1650bc41854d87dbef66870e300b52b6bf5fdd66af7753098d3711acea1deae18241cad26b7839bcfbd4a0eccadbec3502b613046cc0a1de3b1b3649d8d016
- SSDEEP
  
  6144:36wEc0lyFFVFCTkeiNRTD2dWlKItfK6ioAjVQ5qvfJX73aAtxzxCmJ1X3XCjC6:KwEZuFVk4eiHCiKWfooAjGovfND5xzxP
Score

10^/10

azorult zgrat infostealer rat trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

azorultzgratinfostealerrattrojan

behavioral2

© 2018-2025

Terms | Privacy