azorult | d37dccd907a4c76bf2c72ca029cdc8f82974ed25ded93ff1dcf79e6335487a2f | Triage

Sharing

General

Target

c340761e2148785822fd97d1b7975a57_JaffaCakes118
Size

468KB
Sample

240826-sjsgbs1gmp
MD5

c340761e2148785822fd97d1b7975a57
SHA1

fa153358c072e09ce668d5f9e1b8d416ecf8415c
SHA256

d37dccd907a4c76bf2c72ca029cdc8f82974ed25ded93ff1dcf79e6335487a2f
SHA512

e53b4ec933c9186a42aace5d98ebf9123e8403cc9c91a247891ece31a5331b2679738a7f8db4234833208b9386279e3dbc1425511c845a1cb6fa56f5b384f2d8
SSDEEP

6144:5zvMfrx4gDWLSH5eq2uKsYvqN0zk4wcaXVHZJjBLzeLHqRs:5m94giLSZ7VKsEqNzIePBW

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://crimtan.cf/bin/Panel/index.php

Targets

- Target
  
  c340761e2148785822fd97d1b7975a57_JaffaCakes118
- Size
  
  468KB
- MD5
  
  c340761e2148785822fd97d1b7975a57
- SHA1
  
  fa153358c072e09ce668d5f9e1b8d416ecf8415c
- SHA256
  
  d37dccd907a4c76bf2c72ca029cdc8f82974ed25ded93ff1dcf79e6335487a2f
- SHA512
  
  e53b4ec933c9186a42aace5d98ebf9123e8403cc9c91a247891ece31a5331b2679738a7f8db4234833208b9386279e3dbc1425511c845a1cb6fa56f5b384f2d8
- SSDEEP
  
  6144:5zvMfrx4gDWLSH5eq2uKsYvqN0zk4wcaXVHZJjBLzeLHqRs:5m94giLSZ7VKsEqNzIePBW
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan