General

  • Target

    4b0bfa963541d0d8bd8ba0838124d99c_JaffaCakes118

  • Size

    230KB

  • Sample

    240715-xyxrtavfnl

  • MD5

    4b0bfa963541d0d8bd8ba0838124d99c

  • SHA1

    42fc5930f87feca20990cea6f041f30b45f424be

  • SHA256

    1b7a8e34c964aed3fc2eddb00dc4cf5f14557e87a634bd548475f54b9411c57e

  • SHA512

    00b45e665374445f59164d40c05269f56c99ac2f5d5bbfccd7f96aae8456bc9b5e8fa9350e5a2ee2af827845896c74c4b454df210f180041f50592e3409c1c11

  • SSDEEP

    6144:du5xytnGerI/ePKvafLDpwa02iYG5ouL1dThKBXPFo:0ytUzv6cFN6u5dThso

Malware Config

Extracted

Family

azorult

C2

http://18.197.52.125/index.php

Targets

    • Target

      e-Profile.exe

    • Size

      1.2MB

    • MD5

      e9961ed5cea30e68d30ed653321882a3

    • SHA1

      8dbbe4d9fdc55eafb99821727947d7ffab40a2d3

    • SHA256

      b1a7b9627bcdf938ea47004cb78d58aea51759f206f630b0ac1b70eda002e369

    • SHA512

      6a86430a9f0ad3cc519a4f11df39de5c6ca8405252c56b7198d2308eafbe1ed1071c457ef717e6c6b2f07243312cab97e7f85b41fe6613667440440725391df1

    • SSDEEP

      768:Zpt2ZU8UBAU2DinsbPYFZt9EUHg888gCtOTOjavPY4KE//Ou1kenObmm7UMKXYWH:ZrI

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence: the sample decides whether to continue based on the victim's configured country.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the thread from reporting debug events to an attached debugger; a common anti-debugging technique.

    • Suspicious use of SetThreadContext

      Overwrites the register context of another thread, typically to redirect a suspended thread into injected code (process hollowing or thread hijacking).

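The signatures listed above and the C2 address from the extracted config can be turned into simple detection logic. The block below is an added example, not Triage's signature engine and not code from the sample: it re-implements the three behavioural checks and the C2 IOC as rules over a constructed API-trace format (one call per line, `<pid> <api> key=value ...`). Two things are assumptions labelled in the code: that the "location settings" check corresponds to reads of `HKCU\Control Panel\International\Geo\Nation` (the key holding the configured GeoID), and that a SetThreadContext call is only interesting when the target thread belongs to another process.

```python
"""Toy re-implementation of this report's behavioural signatures and C2 IOC.

Example code added to this page; the trace line format is invented for the
example and the sample trace below is constructed, not captured.
"""
import re

# IOCs copied from the report above.
C2_HOST = "18.197.52.125"
C2_PATH = "/index.php"

# THREADINFOCLASS value of ThreadHideFromDebugger (ThreadHideFromDebugger == 17).
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Assumption: the "Checks computer location settings" signature corresponds to
# reads of this key, which stores the Windows GeoID of the configured country.
GEO_NATION_KEY = r"HKCU\Control Panel\International\Geo\Nation"

# Constructed trace format: "<pid> <api> key=value key="quoted value" ..."
LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\s*(?P<args>.*)$")
ARG_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line):
    """Split one trace line into (pid, api, {arg: value}); None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    args = {k: v.strip('"') for k, v in ARG_RE.findall(m.group("args"))}
    return int(m.group("pid")), m.group("api"), args


def analyse(trace):
    """Return the set of signature names that fire over the trace text."""
    hits = set()
    for line in trace.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        pid, api, a = parsed
        # Anti-debug: NtSetInformationThread(..., ThreadHideFromDebugger, ...)
        if api == "NtSetInformationThread" and int(a.get("class", "0"), 0) == THREAD_HIDE_FROM_DEBUGGER:
            hits.add("Suspicious use of NtSetInformationThreadHideFromDebugger")
        # Injection: context written into a thread of a different process (assumption).
        elif api == "SetThreadContext" and int(a.get("target_pid", pid)) != pid:
            hits.add("Suspicious use of SetThreadContext")
        # Geofence: read of the configured country GeoID (assumed key).
        elif api in ("RegQueryValueExW", "RegQueryValueExA") and a.get("key", "").lower() == GEO_NATION_KEY.lower():
            hits.add("Checks computer location settings")
        # Network IOC from the extracted Azorult config.
        elif api == "HttpSendRequest" and a.get("host") == C2_HOST and a.get("path") == C2_PATH:
            hits.add("Azorult C2 contact")
    return hits


# Constructed sample trace (not captured from the real sample).
SAMPLE_TRACE = """\
1234 NtSetInformationThread thread=0x1c class=0x11
1234 RegQueryValueExW key="HKCU\\Control Panel\\International\\Geo\\Nation" value=Nation data=244
1234 CreateProcessW image="C:\\Windows\\System32\\svchost.exe" flags=CREATE_SUSPENDED child_pid=1300
1234 SetThreadContext thread=0x24 target_pid=1300
1300 HttpSendRequest host=18.197.52.125 path=/index.php method=POST
"""

if __name__ == "__main__":
    for name in sorted(analyse(SAMPLE_TRACE)):
        print(name)
```

Run as a script it prints the four rule names that fire on the constructed trace; `analyse` returns a set so the same function can be called over a real trace once its lines are normalised into the `pid api key=value` shape.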
MITRE ATT&CK Enterprise v15

Tasks