General

  • Target

    cc6001af2678f5dce09d42fe66ea3a3b_JaffaCakes118

  • Size

    615KB

  • Sample

    240831-hgq6da1anh

  • MD5

    cc6001af2678f5dce09d42fe66ea3a3b

  • SHA1

    831afc1198747966ce75e118b75eef0573513442

  • SHA256

    b2c88acb05931773cebcd3de505b1856f65a70719bc16d06d3b34c94b56bbcd6

  • SHA512

    53afe466e42056fa2a6708ae960df43873f38947e215bf5509c922945ea05ce322d7ea4f275b676d49a7984c07d2afb4b997d12b5b32bd104484e024ba03d560

  • SSDEEP

    12288:h79EsfzsZh1jQntckNWjDRIwu+w46sYRMMEX6tJslMtqj1GMx:rDfoh6tcFDRQ+9JM2qLsGtqlx

Malware Config

Extracted

Family

azorult

C2

http://mikeservers.eu/anyisouth/index.php

Targets

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks