azorult | aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4 | Triage

Sharing

General

Target

ExeFile (29).exe
Size

919KB
Sample

240820-rh5jtswdkf
MD5

800c49ab811170f1e57f5e40c3eed53c
SHA1

6d37c58f79de4e5a5207304364784576bad1283d
SHA256

aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4
SHA512

24a780feca654a8ba1586c0310b762b898f485723119642bef1999ca0334708737568c3d4dbefc0c9fc62c37ee4e196cb0b207d86bbc5e06abab3a851ed72442
SSDEEP

24576:MDyOC8Ltf+ctcdpH14wkrYUyOgjtq9ntawh2Aqnn:KUAcDVFqxYt0awh

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://168.119.251.131/index.php

Targets

- Target
  
  ExeFile (29).exe
- Size
  
  919KB
- MD5
  
  800c49ab811170f1e57f5e40c3eed53c
- SHA1
  
  6d37c58f79de4e5a5207304364784576bad1283d
- SHA256
  
  aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4
- SHA512
  
  24a780feca654a8ba1586c0310b762b898f485723119642bef1999ca0334708737568c3d4dbefc0c9fc62c37ee4e196cb0b207d86bbc5e06abab3a851ed72442
- SSDEEP
  
  24576:MDyOC8Ltf+ctcdpH14wkrYUyOgjtq9ntawh2Aqnn:KUAcDVFqxYt0awh
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan