Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-05-2024 23:56

General

  • Target

    3d1b30c367c278ce2225097dff98bc9a_JaffaCakes118.exe

  • Size

    284KB

  • MD5

    3d1b30c367c278ce2225097dff98bc9a

  • SHA1

    920e91524259c7fc6844564869ed30e6fdc8e952

  • SHA256

    7dfc0056287f02ef894a7ec47c325d43e552041c72def7903443b6ddbb3b00d2

  • SHA512

    91432148aa18b22d2c510a27d7df2bbf1909b9aa6b6dc3b79ff360d32d2c8846bbda88f9b500fb2e40bb8ef9721647b7bdb9b23f748b1b585b6a6974ddade4e6

  • SSDEEP

    6144:DVmYL8YUWY6fHEvgjEcymwmr1jp7Evw8FefkGlTrQXzt:DVrQYUWjvEOHwmrnEvwyUk7t

Malware Config

Extracted

Family

azorult

C2

http://baran.live/547d5c/index.php

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d1b30c367c278ce2225097dff98bc9a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3d1b30c367c278ce2225097dff98bc9a_JaffaCakes118.exe"
    1⤵
      PID:2100

    Downloads

    • memory/2100-2-0x0000000000400000-0x000000000044E000-memory.dmp

      Filesize

      312KB

    • memory/2100-1-0x0000000000400000-0x000000000044E000-memory.dmp

      Filesize

      312KB

    • memory/2100-3-0x0000000000400000-0x000000000044E000-memory.dmp

      Filesize

      312KB