General
-
Target
6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118
-
Size
322KB
-
Sample
240524-mxjtfsed47
-
MD5
6e413aa30d77acffd63cda6dadcc8981
-
SHA1
1335fcd12449cbed1d9d5be6bab91a835e8088cf
-
SHA256
73cb1310dc141fee821131f9725c441fb33b22d40d8503863026abdc8789ea58
-
SHA512
ccef837a19d4bf443bc7e9e4ab128b5797da67c0de4b1b045ef2be5a6b02b0a102021009d91c265fc63168c9c9d727c704837c23cc79b66b69a75e0c1a9f1b94
-
SSDEEP
6144:0puvcSS69agePDjZ3aLCSMoHPJPSBpS+H+6w7U8F1X/:0EvcSSIerjZKLCboHhqBpS+hSUK
Static task
static1
Behavioral task
behavioral1
Sample
6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
-
-
Target
6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118
-
Size
322KB
-
MD5
6e413aa30d77acffd63cda6dadcc8981
-
SHA1
1335fcd12449cbed1d9d5be6bab91a835e8088cf
-
SHA256
73cb1310dc141fee821131f9725c441fb33b22d40d8503863026abdc8789ea58
-
SHA512
ccef837a19d4bf443bc7e9e4ab128b5797da67c0de4b1b045ef2be5a6b02b0a102021009d91c265fc63168c9c9d727c704837c23cc79b66b69a75e0c1a9f1b94
-
SSDEEP
6144:0puvcSS69agePDjZ3aLCSMoHPJPSBpS+H+6w7U8F1X/:0EvcSSIerjZKLCboHhqBpS+hSUK
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-