General

  • Target

    5a765351046fea1490d20f25[1].exe

  • Size

    377KB

  • Sample

    240902-cj8wbaydqq

  • MD5

    1c234a8879840da21f197b2608a164c9

  • SHA1

    ed7f6d70968fed5cf59ed2a141fca928e1b0522f

  • SHA256

    e9cfb6eb3a77cd6ea162cf4cb131b5f6ad2a679c0ba9757d718c2f9265a9668f

  • SHA512

    4d1e82700307cb87196554c459e0b36966f454777876a80a929977ede6d73230611bd0424a57cd0e5f11183b4b13d0e5549830a9effe467b644fa1ddcfc940f2

  • SSDEEP

    6144:IHDNS5okyd+3xOFd0RM9910Qo50yuuJGmdmESvhI3BoUw0h8vIkUm4ggfsJWr:gS5bA+3xOFOG9P6buG7m5gRwJXU/

Malware Config

Extracted

Family

azorult

C2

http://benchadcrd.nl/gate.php

Targets

    • Target

      5a765351046fea1490d20f25[1].exe

    • Size

      377KB

    • MD5

      1c234a8879840da21f197b2608a164c9

    • SHA1

      ed7f6d70968fed5cf59ed2a141fca928e1b0522f

    • SHA256

      e9cfb6eb3a77cd6ea162cf4cb131b5f6ad2a679c0ba9757d718c2f9265a9668f

    • SHA512

      4d1e82700307cb87196554c459e0b36966f454777876a80a929977ede6d73230611bd0424a57cd0e5f11183b4b13d0e5549830a9effe467b644fa1ddcfc940f2

    • SSDEEP

      6144:IHDNS5okyd+3xOFd0RM9910Qo50yuuJGmdmESvhI3BoUw0h8vIkUm4ggfsJWr:gS5bA+3xOFOG9P6buG7m5gRwJXU/

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks