Extracted

• • Target

    4c6d077efc220f1f2b940a55c22055d3_JaffaCakes118

  • Size

    965KB

  • MD5

    4c6d077efc220f1f2b940a55c22055d3

  • SHA1

    e37cfad0a8e328d2d60b2fbaf19db91a73966849

  • SHA256

    bda2ca03c7cc1a1176e210747275d8f05cf1ad5eadb608859ff90db1a591071e

  • SHA512

    1054748a878896eb330545b1eaf80ab016091d77ed0a37e6aea8046985858199a97a41d983bb251d3d518d0394c321182b7c2d5e805c305a3e87a23ea6d20429

  • SSDEEP

    12288:qh995HQnOWZ9r2VMrmgOkCiXn9fsKMt54P9YE4BDIfrpnzTvoX5u2xOcF1QTn0wI:qhHMDfrOgWq9UznzDIfNzTaPfu7w5XN

  Score

  10^/10

  azorultinfostealerpersistencetrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2