General
-
Target
0d4bfbdb0a90be3072174f93dc81897e_JaffaCakes118
-
Size
7.7MB
-
Sample
240502-dfzznsfa5z
-
MD5
0d4bfbdb0a90be3072174f93dc81897e
-
SHA1
eb034e2bf1859deab12617ab4333b7b719553306
-
SHA256
a3320970587f1cb52cd036b1317dcd800c71da4c499a240d7644d9d93003c933
-
SHA512
ecae4033707c66a455dae64061cec4ff225b4679df6a684d6cdb07cba22f1695e53b0f265f3c1456b1bb0820827225c8ecbf92129ef8957695ff315a8ef3cfe3
-
SSDEEP
196608:MCKPhIdB4LC4BgRexpA4O1Xq7pZIBVIAg26FsluEMC/WpsvkCesIG:nWo4m4iwg/qfDLKEC/WSvkCeH
Malware Config
Targets
-
-
Target
0d4bfbdb0a90be3072174f93dc81897e_JaffaCakes118
-
Size
7.7MB
-
MD5
0d4bfbdb0a90be3072174f93dc81897e
-
SHA1
eb034e2bf1859deab12617ab4333b7b719553306
-
SHA256
a3320970587f1cb52cd036b1317dcd800c71da4c499a240d7644d9d93003c933
-
SHA512
ecae4033707c66a455dae64061cec4ff225b4679df6a684d6cdb07cba22f1695e53b0f265f3c1456b1bb0820827225c8ecbf92129ef8957695ff315a8ef3cfe3
-
SSDEEP
196608:MCKPhIdB4LC4BgRexpA4O1Xq7pZIBVIAg26FsluEMC/WpsvkCesIG:nWo4m4iwg/qfDLKEC/WSvkCeH
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-