General

  • Target

    96d47610e01eeaadf620ed005419e47a_JaffaCakes118

  • Size

    141KB

  • Sample

    240605-bb5cgshc5z

  • MD5

    96d47610e01eeaadf620ed005419e47a

  • SHA1

    7d1f41f43b4cbc2123dee3bc2f986fa8fb8c329a

  • SHA256

    a4e1dca9b032364bdfa8d24fed294f55342c602b8dfa7b7ded245c50896230d6

  • SHA512

    b9249aef3a286f422a85a57348653a56c8b3abaa2da9f0aa015dc00ab3765640e4db42b19664c691863635c64adf5edb6a1c7257fceab48d3597d3f69efe3384

  • SSDEEP

    3072:90mlT82/XeeMsVZTplnFKy+7AoyyGCxEAE/HN2wQ90Kv5kNIUq:90mlH/XZln/+YngG/HnQ9CIUq

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php
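The extracted configuration gives two kinds of indicator a responder can act on immediately: the file digests listed under General and the C2 endpoint above. The following Python is an added example, not part of the sandbox report, that turns them into a checker: it verifies a file against all three listed digests at once (an MD5 match alone is not trusted, since MD5 is collision-prone) and scans proxy log lines for the C2 host, distinguishing the exact `/index.php` endpoint from other paths on the same address. The log format and the log lines are constructed for illustration; only the hashes and the URL come from the report.

```python
"""IOC matcher for the AZORult report above (added example, not the report's own code)."""
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied verbatim from the report.
C2_URL = "http://195.245.112.115/index.php"
SAMPLE_HASHES = {
    "md5": "96d47610e01eeaadf620ed005419e47a",
    "sha1": "7d1f41f43b4cbc2123dee3bc2f986fa8fb8c329a",
    "sha256": "a4e1dca9b032364bdfa8d24fed294f55342c602b8dfa7b7ded245c50896230d6",
}


def file_hashes(data: bytes) -> dict:
    """Return the md5/sha1/sha256 hex digests of a file's bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def is_reported_sample(data: bytes) -> bool:
    """True only if every listed digest matches; never trust an MD5 hit on its own."""
    return file_hashes(data) == SAMPLE_HASHES


# Constructed proxy log lines (not from the report): "<epoch> <client_ip> <method> <url> <status>".
# The fourth line mixes case and carries an explicit port to show the comparison is robust.
SAMPLE_LOG = """\
1717574400 10.0.0.21 GET http://example.org/index.php 200
1717574412 10.0.0.21 POST http://195.245.112.115/index.php 200
1717574419 10.0.0.33 GET http://195.245.112.115/favicon.ico 404
1717574430 10.0.0.21 POST HTTP://195.245.112.115:80/index.php 200
"""

LOG_RE = re.compile(r"^(\d+) (\S+) (GET|POST|PUT|HEAD|CONNECT) (\S+) (\d{3})$")


def classify_url(url: str) -> str:
    """'c2' for the exact C2 endpoint, 'host' for any other path on the C2 host, '' otherwise."""
    c2 = urlparse(C2_URL)
    u = urlparse(url)
    # urlparse lowercases the hostname and strips the port, so host comparison is exact;
    # the path is compared verbatim because /index.php is the configured endpoint.
    if u.hostname != c2.hostname:
        return ""
    return "c2" if u.path == c2.path else "host"


def scan_proxy_log(text: str) -> list:
    """Return one finding per log line that touches the C2 host."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole scan
        ts, client, method, url, status = m.groups()
        kind = classify_url(url)
        if kind:
            hits.append({"ts": int(ts), "client": client, "method": method,
                         "url": url, "status": int(status), "kind": kind})
    return hits


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print(hit)
```

A `host` hit (any other path on 195.245.112.115) is worth a look but is weaker evidence than a `c2` hit, because a single IP can serve unrelated content; the function keeps the two apart so the analyst can prioritise.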

Targets

    • Target

      96d47610e01eeaadf620ed005419e47a_JaffaCakes118

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check so the stealer can skip machines in certain regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
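The three behavioural signatures above (execute a dropped EXE, load a dropped DLL, add a Run key) are exactly the chain a host-telemetry rule can catch. The Python below is an added example, not code from the sandbox or the report, that runs that logic over Sysmon-style events: a file written by a process (event 11) that is later started (event 1) or loaded as an image (event 7) is flagged, and a value set under a `CurrentVersion\Run` or `RunOnce` key (event 13) is rated high when it points into a user-writable directory. The event records, process IDs and file paths are constructed placeholders; the report names the behaviours but not the paths involved.

```python
"""Detect the drop-then-execute / drop-then-load / Run-key chain (added example)."""
import re

# Sysmon event IDs used: 1 process create, 7 image loaded, 11 file create, 13 registry value set.
RUN_KEY_RE = re.compile(r"\\currentversion\\run(once)?\\", re.IGNORECASE)
USER_WRITABLE = (
    "\\appdata\\local\\temp\\", "\\appdata\\roaming\\",
    "\\users\\public\\", "\\programdata\\",
)

# Constructed events (placeholders, not taken from the report). Field names are simplified.
SAMPLE_EVENTS = [
    {"id": 1, "pid": 4120, "ppid": 1200, "image": r"C:\Users\bob\Downloads\invoice.exe"},
    {"id": 11, "pid": 4120, "target": r"C:\Users\bob\AppData\Local\Temp\upd.exe"},
    {"id": 11, "pid": 4120, "target": r"C:\Users\bob\AppData\Local\Temp\helper.dll"},
    {"id": 1, "pid": 4188, "ppid": 4120, "image": r"C:\Users\bob\AppData\Local\Temp\upd.exe"},
    {"id": 7, "pid": 4188, "image": r"C:\Users\bob\AppData\Local\Temp\upd.exe",
     "loaded": r"C:\Users\bob\AppData\Local\Temp\helper.dll"},
    {"id": 13, "pid": 4188,
     "target": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\upd",
     "details": r"C:\Users\bob\AppData\Local\Temp\upd.exe"},
    # Benign noise: explorer loading a system DLL must not be flagged.
    {"id": 7, "pid": 1200, "image": r"C:\Windows\explorer.exe",
     "loaded": r"C:\Windows\System32\shell32.dll"},
]


def norm(path: str) -> str:
    """Case-fold a Windows path so comparisons ignore the filesystem's case-insensitivity."""
    return path.lower()


def detect(events: list) -> list:
    """Return (rule, pid, path[, severity]) tuples for the behaviours named in the report."""
    dropped = {}  # normalized path -> pid of the process that wrote it
    findings = []
    for e in events:
        if e["id"] == 11:
            dropped[norm(e["target"])] = e["pid"]
        elif e["id"] == 1 and norm(e["image"]) in dropped:
            findings.append(("executes_dropped_exe", e["pid"], e["image"]))
        elif e["id"] == 7 and norm(e["loaded"]) in dropped:
            findings.append(("loads_dropped_dll", e["pid"], e["loaded"]))
        elif e["id"] == 13 and RUN_KEY_RE.search(e["target"]):
            # Persistence pointing into a user-writable directory is the suspicious case;
            # legitimate installers usually register binaries under Program Files.
            sev = "high" if any(w in norm(e["details"]) for w in USER_WRITABLE) else "low"
            findings.append(("adds_run_key", e["pid"], e["details"], sev))
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f)
```

Events are consumed in arrival order, so a file must be seen being written before its execution or load counts as "dropped"; out-of-order telemetry would need a sort on timestamp first.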

MITRE ATT&CK Enterprise v15