General
Target: a577a0a898643bc68070a899c2b5f45d_JaffaCakes118
Size: 1.1MB
Sample: 240613-pchf1axhrb
MD5: a577a0a898643bc68070a899c2b5f45d
SHA1: 65a0a3baa98bc1629b6b1e526b9a6f329a2c475d
SHA256: bd6e50992b8d302359fd95c467681e74d8bf0754ebc87c5a654c7976e16ecb66
SHA512: 359def7f92b2325474efb6a1855bea17ccdf9aba5d03fde0fc365df6d39205aaed4aec01e308ade7433969fafcd531095adb669928867fafcd61501b4ae85e9b
SSDEEP: 24576:FdHPXnvcC964ukjOs1iq8ZqI1IT96tyzU3SWf:F9vvM4sHq9QyIf
Static task: static1
Behavioral task: behavioral1
Sample: a577a0a898643bc68070a899c2b5f45d_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: a577a0a898643bc68070a899c2b5f45d_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
azorult
http://jatkit.gq/0200-capt2/index.php
Targets
Target: a577a0a898643bc68070a899c2b5f45d_JaffaCakes118
Score: 10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
- Adds Run key to start application
- Suspicious use of SetThreadContext