General

  • Target

    35e36f164143071a27f19ccd6bd80fcd_JaffaCakes118

  • Size

    385KB

  • Sample

    240511-wscc9aaf9y

  • MD5

    35e36f164143071a27f19ccd6bd80fcd

  • SHA1

    c93271aaa1b5949953e88643239d5e17919bcff8

  • SHA256

    58d298a17e91be6198e0fcef61cf1e94ae31af93819c4a87a02c32d6e2024f67

  • SHA512

    b9f5a6ebd523d2233998992614278588099926c1320cda1645f7a6435841275442e7472e10abf504fc62d880095f662354375a40dac2f64f473707c74fc91cb5

  • SSDEEP

    12288:XoL4EnU4T/vjLyL9aUZa6iqFFMmlg8pY9+aXT68kLRA:XwnU4TDLe9aOPFvR4g9A

Malware Config

Extracted

  • Family

    azorult

  • C2

    http://shpionistyiwue9128.bit/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Uses the VBS compiler for execution

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks