Overview

overview

10

Static

static

3

5ad4d01999...18.exe

windows7-x64

10

5ad4d01999...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-03-2024 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ad4d01999ea71f74862b8bbab0c11b1_JaffaCakes118.exe

  • Size

    336KB

  • MD5

    5ad4d01999ea71f74862b8bbab0c11b1

  • SHA1

    f3da52707b8659fc61338b7ea9809d6147ed18f6

  • SHA256

    b575826088add1885458a51983a57f07d3f657043f58c5fa930ae61ffdb917d5

  • SHA512

    3ac785d62f2e4814eff0735704e1da40e750e0f14589d7322abaf57a287b52fd0b8e578a94b44e0a15f6be3b66aa449e4b00f4345bdbe839b6497b10123d567f

  • SSDEEP

    6144:SO7eWBJ93Uj7OgLa45KoBIFO6/vMLZ935PFXwz6Uifnz:xHl67TLa459kOb9dSz6l

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://lizard.pw/index.php

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ad4d01999ea71f74862b8bbab0c11b1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5ad4d01999ea71f74862b8bbab0c11b1_JaffaCakes118.exe"
    1⤵
      PID:5212

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5212-0-0x0000000002280000-0x00000000022B5000-memory.dmp

      Filesize

      212KB

      Download

    • memory/5212-1-0x0000000000400000-0x0000000000456000-memory.dmp

      Filesize

      344KB

      Download

    • memory/5212-2-0x0000000000400000-0x0000000000456000-memory.dmp

      Filesize

      344KB

      Download

    • memory/5212-3-0x0000000002280000-0x00000000022B5000-memory.dmp

      Filesize

      212KB

      Download