azorult | a67f34f84d7cc2ab0c2e9652f7fa0cc43985969dd8751fb2ab0abab2a892d412

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 17:09

Target

4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe
Size

251KB
MD5

4247b2cae5c018ee0134feb6695bf7e7
SHA1

5fd1acfc04be9afc9e31e868cab37b7f10a669a3
SHA256

a67f34f84d7cc2ab0c2e9652f7fa0cc43985969dd8751fb2ab0abab2a892d412
SHA512

ee359f1b805c476549b3d869ab3317f8265c96155030e253a62626f21cf0ef5962c777c59e195726132dfe6b1ff40b5afc0aca42d4f9e0f0140b6be7cfa32be2
SSDEEP

6144:7v+MG0F7zG2lIEp6FzlcruO8zrP6HySZ:7LG0F7yWalINUg/

Score

10^/10

Family

azorult

http://admin.svapofit.com/azs/index.php

Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
trojan infostealer azorult

C:\Users\Admin\AppData\Local\Temp\4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe"
1⤵
PID:3020

memory/3020-2-0x0000000000400000-0x0000000000420000-memory.dmp

Filesize
128KB

Download
memory/3020-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/3020-0-0x0000000000270000-0x0000000000289000-memory.dmp

Filesize
100KB

Download
memory/3020-4-0x0000000000400000-0x0000000000420000-memory.dmp

Filesize
128KB

Download
memory/3020-3-0x0000000000400000-0x0000000000457000-memory.dmp

Filesize
348KB

Download