General
-
Target
c548ce11e698e058dd93f10830a598fd_JaffaCakes118
-
Size
488KB
-
Sample
240827-s2yfasxhjd
-
MD5
c548ce11e698e058dd93f10830a598fd
-
SHA1
1030b5fe253e087b2a84c4d8e8a07d5b7f39313f
-
SHA256
8d707e04a8233293ec48b3bad843363388808911da22e3ceeb6ca340b3044bc8
-
SHA512
7d75bc0500c2e3aa1860f792a69ca661096b1bd5ec753c8f290c0f188785d13b97634853a94bd2573db1e7319ecc3050d8881e0b05f0aa63e4ba36ee8e85bfb9
-
SSDEEP
12288:eLcoLmD8td+uQCqHmvHDh0l8asK+TWOndaW7Zvf:eCod1QCfDal8vvPdZ7x
Static task
static1
Behavioral task
behavioral1
Sample
c548ce11e698e058dd93f10830a598fd_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c548ce11e698e058dd93f10830a598fd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
-
-
Target
c548ce11e698e058dd93f10830a598fd_JaffaCakes118
Score
10/10
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-