Overview

overview

10

Static

static

3

506bb58a4d...18.exe

windows7-x64

10

506bb58a4d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    506bb58a4d228dc9795dddc77974fb1a_JaffaCakes118

  • Size

    735KB

  • Sample

    240517-t1fdrsge68

  • MD5

    506bb58a4d228dc9795dddc77974fb1a

  • SHA1

    00f8fe7ca7622830d7b7f1ac53ff0fd71865bf60

  • SHA256

    578549f540efa7b6a77bc10cfe86f84d4303e734c26578403aae64e2278f9488

  • SHA512

    596aba0620009d786ac97d1e8811dd1a4ca3b2c50de9194775c844c9e39440b81882a0e4752881212b0487aa16c2b1d5ff3d5f232cd38c4aa5f8e38bc2e54149

  • SSDEEP

    12288:/S1ROskQSIK8ZbWrlc6iv+6ip1zeO2nVM8hGgV7C+mSb8wR8CLfHWmAW:/SW6SIhZbWsv+6szFB8hxeifRf2mF

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://ciuj.ir/showmoney/index.php

Targets

    • Target

      506bb58a4d228dc9795dddc77974fb1a_JaffaCakes118

    • Size

      735KB

    • MD5

      506bb58a4d228dc9795dddc77974fb1a

    • SHA1

      00f8fe7ca7622830d7b7f1ac53ff0fd71865bf60

    • SHA256

      578549f540efa7b6a77bc10cfe86f84d4303e734c26578403aae64e2278f9488

    • SHA512

      596aba0620009d786ac97d1e8811dd1a4ca3b2c50de9194775c844c9e39440b81882a0e4752881212b0487aa16c2b1d5ff3d5f232cd38c4aa5f8e38bc2e54149

    • SSDEEP

      12288:/S1ROskQSIK8ZbWrlc6iv+6ip1zeO2nVM8hGgV7C+mSb8wR8CLfHWmAW:/SW6SIhZbWsv+6szFB8hxeifRf2mF

    Score
    10/10
    azorultinfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks