azorult | a8c916c97647c94047598eb38a181a7a45a48073db3c6a84f1e43514fe09aae6 | Triage

Sharing

General

Target

1526999750f2916199626711de70ec56_JaffaCakes118
Size

1.8MB
Sample

240728-mp9d5swdme
MD5

1526999750f2916199626711de70ec56
SHA1

a46c07e08301c6872cbd59bc2c90507194331fa2
SHA256

a8c916c97647c94047598eb38a181a7a45a48073db3c6a84f1e43514fe09aae6
SHA512

4fa2f38d96ab2bc684f2ec26e4b0bb2921eaf7347bf05833f445e6262d55377b6967c72200637b00af708ffc2dd2a163c10c86b6b16189e00c941d3b836b1261
SSDEEP

49152:0R8154nKgC4LUPl7jW6Cd/EFitaNlgTibWH6T/2UNoKE:aeMC4LkdjGMasWH6T/2UHE

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://51.75.125.91/index.php

Targets

- Target
  
  1526999750f2916199626711de70ec56_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  1526999750f2916199626711de70ec56
- SHA1
  
  a46c07e08301c6872cbd59bc2c90507194331fa2
- SHA256
  
  a8c916c97647c94047598eb38a181a7a45a48073db3c6a84f1e43514fe09aae6
- SHA512
  
  4fa2f38d96ab2bc684f2ec26e4b0bb2921eaf7347bf05833f445e6262d55377b6967c72200637b00af708ffc2dd2a163c10c86b6b16189e00c941d3b836b1261
- SSDEEP
  
  49152:0R8154nKgC4LUPl7jW6Cd/EFitaNlgTibWH6T/2UNoKE:aeMC4LkdjGMasWH6T/2UHE
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan