azorult | 40cba60a14395c319b56911441586d077c80a36a2862848040507327263a8e9e | Triage

Sharing

General

Target

0cc5677c7534f41b7ef00ab959e94e83_JaffaCakes118
Size

735KB
Sample

240501-y813naab46
MD5

0cc5677c7534f41b7ef00ab959e94e83
SHA1

3f51cc3ada8349a5ec1f908e1792235cc3734124
SHA256

40cba60a14395c319b56911441586d077c80a36a2862848040507327263a8e9e
SHA512

7aa8fba7c6995d4bfc4be98db02502af1bec3dda0be3da4a40eeceb7153e30c4d58cbd51a4e3df2a53b7d50a2394a11786f1b41aa240ea81c4caa80a466485fc
SSDEEP

12288:rS1ROskQSIK8ZbWrlc6iv+6ip1zeO2nVM8hGgV7CzyWSdIyfk3ChUR8NX:rSW6SIhZbWsv+6szFB8hxezHR8d

Score

10^/10

azorult infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://207.154.254.218/index.php

Targets

- Target
  
  0cc5677c7534f41b7ef00ab959e94e83_JaffaCakes118
- Size
  
  735KB
- MD5
  
  0cc5677c7534f41b7ef00ab959e94e83
- SHA1
  
  3f51cc3ada8349a5ec1f908e1792235cc3734124
- SHA256
  
  40cba60a14395c319b56911441586d077c80a36a2862848040507327263a8e9e
- SHA512
  
  7aa8fba7c6995d4bfc4be98db02502af1bec3dda0be3da4a40eeceb7153e30c4d58cbd51a4e3df2a53b7d50a2394a11786f1b41aa240ea81c4caa80a466485fc
- SSDEEP
  
  12288:rS1ROskQSIK8ZbWrlc6iv+6ip1zeO2nVM8hGgV7CzyWSdIyfk3ChUR8NX:rSW6SIhZbWsv+6szFB8hxezHR8d
Score

10^/10

azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultinfostealertrojan

behavioral2

azorultinfostealertrojan