General

  • Target

    aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4.exe

  • Size

    919KB

  • Sample

    240821-cjpgnsyenl

  • MD5

    800c49ab811170f1e57f5e40c3eed53c

  • SHA1

    6d37c58f79de4e5a5207304364784576bad1283d

  • SHA256

    aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4

  • SHA512

    24a780feca654a8ba1586c0310b762b898f485723119642bef1999ca0334708737568c3d4dbefc0c9fc62c37ee4e196cb0b207d86bbc5e06abab3a851ed72442

  • SSDEEP

    24576:MDyOC8Ltf+ctcdpH14wkrYUyOgjtq9ntawh2Aqnn:KUAcDVFqxYt0awh

Malware Config

Extracted

Family

azorult

C2

http://168.119.251.131/index.php

Targets

    • Target

      aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4.exe

    • Size

      919KB

    • MD5

      800c49ab811170f1e57f5e40c3eed53c

    • SHA1

      6d37c58f79de4e5a5207304364784576bad1283d

    • SHA256

      aa974591fac020bebe2ec78dcb27670e9a0a5b9126cfa2c666767bda8347dcc4

    • SHA512

      24a780feca654a8ba1586c0310b762b898f485723119642bef1999ca0334708737568c3d4dbefc0c9fc62c37ee4e196cb0b207d86bbc5e06abab3a851ed72442

    • SSDEEP

      24576:MDyOC8Ltf+ctcdpH14wkrYUyOgjtq9ntawh2Aqnn:KUAcDVFqxYt0awh

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks