azorult | 3f8807728cce4b1e55293cd3577fdd36457c1568a23594d4cbfaeab45a10c574 | Triage

Sharing

General

Target

3f8807728cce4b1e55293cd3577fdd36457c1568a23594d4cbfaeab45a10c574.exe
Size

681KB
Sample

240821-bv1hmsxcjk
MD5

7fe2322db3d58f5b993fadbaaff908be
SHA1

1d715a90d9874e61d90c0c84a1095887009c53b2
SHA256

3f8807728cce4b1e55293cd3577fdd36457c1568a23594d4cbfaeab45a10c574
SHA512

097198970785255e89747b9f67c79528a92a50d490e3e8c7c441fd76d6110bf192ed26d1573b7023dc28f54e01917586ea2ec6d50e58e6eb1efb3f168022a9b6
SSDEEP

12288:bsCza+8quapcNxkVO4S2ojdbTv2dSFW7QkgzV7cwRTrjEzNWVtL70:vza+v0QoJvOuofgzVowRTfEzgVZY

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://168.119.251.131/index.php

Targets

- Target
  
  3f8807728cce4b1e55293cd3577fdd36457c1568a23594d4cbfaeab45a10c574.exe
- Size
  
  681KB
- MD5
  
  7fe2322db3d58f5b993fadbaaff908be
- SHA1
  
  1d715a90d9874e61d90c0c84a1095887009c53b2
- SHA256
  
  3f8807728cce4b1e55293cd3577fdd36457c1568a23594d4cbfaeab45a10c574
- SHA512
  
  097198970785255e89747b9f67c79528a92a50d490e3e8c7c441fd76d6110bf192ed26d1573b7023dc28f54e01917586ea2ec6d50e58e6eb1efb3f168022a9b6
- SSDEEP
  
  12288:bsCza+8quapcNxkVO4S2ojdbTv2dSFW7QkgzV7cwRTrjEzNWVtL70:vza+v0QoJvOuofgzVowRTfEzgVZY
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2