General

  • Target

    70046bc985e5e297e8a4b48559d707da_JaffaCakes118

  • Size

    419KB

  • Sample

    240730-qay7eazekk

  • MD5

    70046bc985e5e297e8a4b48559d707da

  • SHA1

    21fe43995c45ad144533e1348e995c663b71e046

  • SHA256

    5525e7716e560c7779efe6dd41430f611c481863a9a7d31a310146de5a7e0099

  • SHA512

    936d7a37212f683eadc4624918d53a6b7389f5b169f1bbb28555d8518e8299d7249eb15cadfa78cd3d999600592033ae4ff841c5e7df6cd0b9e99026864927d3

  • SSDEEP

    6144:H7eaqie96Ar2E5CmnVKTOwpUoKQw+6vD6SKArVB4RBKc2iXV5p0FZmYkXfT27a/i:bjYVhCLTfKQwDvD5mGlI1rX7kUtkR

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15