General
-
Target
5a610962baf6081eb809a9e460599871_JaffaCakes118
-
Size
653KB
-
Sample
240519-t5b7xafg23
-
MD5
5a610962baf6081eb809a9e460599871
-
SHA1
6290a0dca10e063fc8913cfccc7057356e082e3b
-
SHA256
bc598b8327d9bbffdf96e2f972f2be0794e4e994771c6b0c84d9326921604db7
-
SHA512
21072cffa956240bc5a7af230d553b73f59b1ed2d84c61983d500fd33a0940e1230290c9800ce66c0ba32038aba02fced79ee9234801012f70b617b4e7da849c
-
SSDEEP
12288:pWHW1T76LS4NIeeUDCSvHHNvRgUVM27wl2cQuIFGhYBopxdg:pv1EdNIJR+XllDVGhY+pvg
Malware Config
Extracted
azorult
http://mike.rivalserver.com/~ygnwgnrp/gate.php
Targets
-
-
Target
5a610962baf6081eb809a9e460599871_JaffaCakes118
-
Size
653KB
-
MD5
5a610962baf6081eb809a9e460599871
-
SHA1
6290a0dca10e063fc8913cfccc7057356e082e3b
-
SHA256
bc598b8327d9bbffdf96e2f972f2be0794e4e994771c6b0c84d9326921604db7
-
SHA512
21072cffa956240bc5a7af230d553b73f59b1ed2d84c61983d500fd33a0940e1230290c9800ce66c0ba32038aba02fced79ee9234801012f70b617b4e7da849c
-
SSDEEP
12288:pWHW1T76LS4NIeeUDCSvHHNvRgUVM27wl2cQuIFGhYBopxdg:pv1EdNIJR+XllDVGhY+pvg
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-