General
-
Target
cc6001af2678f5dce09d42fe66ea3a3b_JaffaCakes118
-
Size
615KB
-
Sample
240831-hgq6da1anh
-
MD5
cc6001af2678f5dce09d42fe66ea3a3b
-
SHA1
831afc1198747966ce75e118b75eef0573513442
-
SHA256
b2c88acb05931773cebcd3de505b1856f65a70719bc16d06d3b34c94b56bbcd6
-
SHA512
53afe466e42056fa2a6708ae960df43873f38947e215bf5509c922945ea05ce322d7ea4f275b676d49a7984c07d2afb4b997d12b5b32bd104484e024ba03d560
-
SSDEEP
12288:h79EsfzsZh1jQntckNWjDRIwu+w46sYRMMEX6tJslMtqj1GMx:rDfoh6tcFDRQ+9JM2qLsGtqlx
Static task
static1
Behavioral task
behavioral1
Sample
cc6001af2678f5dce09d42fe66ea3a3b_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
cc6001af2678f5dce09d42fe66ea3a3b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
azorult
http://mikeservers.eu/anyisouth/index.php
Targets
-
-
Target
cc6001af2678f5dce09d42fe66ea3a3b_JaffaCakes118
-
Size
615KB
-
MD5
cc6001af2678f5dce09d42fe66ea3a3b
-
SHA1
831afc1198747966ce75e118b75eef0573513442
-
SHA256
b2c88acb05931773cebcd3de505b1856f65a70719bc16d06d3b34c94b56bbcd6
-
SHA512
53afe466e42056fa2a6708ae960df43873f38947e215bf5509c922945ea05ce322d7ea4f275b676d49a7984c07d2afb4b997d12b5b32bd104484e024ba03d560
-
SSDEEP
12288:h79EsfzsZh1jQntckNWjDRIwu+w46sYRMMEX6tJslMtqj1GMx:rDfoh6tcFDRQ+9JM2qLsGtqlx
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Suspicious use of SetThreadContext
-