Extracted

• • Target

    a2746a91b6fe611d1b0c0b698f372c01_JaffaCakes118

  • Size

    839KB

  • MD5

    a2746a91b6fe611d1b0c0b698f372c01

  • SHA1

    7f860635215b3d30bc4e569652f6f7269715044f

  • SHA256

    bf03f7f09adbf1975ee00a1fb27430e415feda3cf15b017af6f6d06b91021185

  • SHA512

    bc81eaca1eae2d0167fe3d882c16167eb1bd17b3d2d8a6fc7b72a9b6d07f533d35800306aefc8f31f55a45d8d84225ccf3e7cac7aebb1200f975209fbf726e37

  • SSDEEP

    6144:V1dYD9W7LZllB02a3N1rX+o5DhoobuIJcByegHWsnDlry4LBl8Rwqiqvn4+tThZY:V1lzlC26HrN5DhoNIJ+yPHbJy4s

  Score

  10^/10

  azorultagilenetinfostealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Obfuscated with Agile.Net obfuscator

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2