azorult | 4b6543349f1a1f1560be01689aee726e8b41f0a17b264cf935eecec6f46ec1a8 | Triage

Submit
Reports

Overview

overview

Static

static

3

23722503bd...95.exe

windows7-x64

23722503bd...95.exe

windows10-2004-x64

Sharing

General

Target

4b6543349f1a1f1560be01689aee726e8b41f0a17b264cf935eecec6f46ec1a8
Size

675KB
Sample

240417-rpte5sbf74
MD5

65a0fb7de2a59c4032dd7da4f4c2984d
SHA1

824709b94b9d7613846171066ed75c614f67837e
SHA256

4b6543349f1a1f1560be01689aee726e8b41f0a17b264cf935eecec6f46ec1a8
SHA512

d33831671cc880f08b80997c4237a496aa44df3764d552a255bd2446dfc1a29e5b19e9d708d4b9fa8f15a0bb90c59488fa80c5ff95248ea2f02130acced75776
SSDEEP

12288:isXcE7yQLTDEDQDR1fnyMzzUHPmAsmrsXPfefc+pccRvYQVxfreeG:BdnHDm6R1fnyMnUHPms4XeE+pccv3k

Score

10^/10

azorult zgrat infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

23722503bdcc20ab9e6482bb2d3e92e50b13443799f361975bb36a91f0eeb895.exe

Resource

win7-20240221-en

azorult zgrat infostealer rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

23722503bdcc20ab9e6482bb2d3e92e50b13443799f361975bb36a91f0eeb895.exe

Resource

win10v2004-20240412-en

azorult zgrat infostealer rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

- Target
  
  23722503bdcc20ab9e6482bb2d3e92e50b13443799f361975bb36a91f0eeb895.exe
- Size
  
  717KB
- MD5
  
  ec88a4c1dcfb3861f6c9c364deeabd94
- SHA1
  
  ed0d81e041345ddc9ff9fea8bad197ee1a66fe82
- SHA256
  
  23722503bdcc20ab9e6482bb2d3e92e50b13443799f361975bb36a91f0eeb895
- SHA512
  
  81f6ed64f54778aa59afbc515dd6a40b5acac397348801dadbddcfdc15711144c3085e08099ba2a28a98055039916ade0e0cde1ea6fcf78b1f5962e8651609a7
- SSDEEP
  
  12288:rtHCL6YFXDk8fwYXzlRLf3AM+lsEttF2s9NgztG2Qk/sxJhT:xHq6Y5hRLsGEvF2sOtGkIh
Score

10^/10

azorult zgrat infostealer rat trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

azorultzgratinfostealerrattrojan

behavioral2

azorultzgratinfostealerrattrojan

© 2018-2025

Terms | Privacy