General

  • Target

    4872dfbfd5180fb118d93b9a786d1eb0_JaffaCakes118

  • Size

    598KB

  • Sample

    240515-2zfbdagh43

  • MD5

    4872dfbfd5180fb118d93b9a786d1eb0

  • SHA1

    0d42a59ef21ec45a8317d828111ab49beea8b312

  • SHA256

    f30de1eaa6131b558d7ea14e86add8ec22cebb6b988715753745b12e46906901

  • SHA512

    b8887871ec530484e77e16af1afd10599f8df9cdca63af0fd14f5b1e730d30d3e4790bd15fcd46f8b014bc4e5452be72819993bfa336d9e09ae2f283c69b4ae2

  • SSDEEP

    12288:DK5Iwbvs4CF35Z6ifckPyznczJJsICBX0:Wnva352xzczJJrC

Malware Config

Extracted

Family

azorult

C2

http://185.43.220.15/~yafpn149/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks