General

  • Target

    6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118

  • Size

    322KB

  • Sample

    240524-mxjtfsed47

  • MD5

    6e413aa30d77acffd63cda6dadcc8981

  • SHA1

    1335fcd12449cbed1d9d5be6bab91a835e8088cf

  • SHA256

    73cb1310dc141fee821131f9725c441fb33b22d40d8503863026abdc8789ea58

  • SHA512

    ccef837a19d4bf443bc7e9e4ab128b5797da67c0de4b1b045ef2be5a6b02b0a102021009d91c265fc63168c9c9d727c704837c23cc79b66b69a75e0c1a9f1b94

  • SSDEEP

    6144:0puvcSS69agePDjZ3aLCSMoHPJPSBpS+H+6w7U8F1X/:0EvcSSIerjZKLCboHhqBpS+hSUK

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

    • Target

      6e413aa30d77acffd63cda6dadcc8981_JaffaCakes118

    • Size

      322KB

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
