azorult | f93691c551b9a1542296a0ed502c5df3073ed12c5c7591b66e6ef9e718ce5745 | Triage

Sharing

General

Target

d5b0b10e5808abebd192fe3d9f5dbc99_JaffaCakes118
Size

678KB
Sample

240909-fmwlyasgjk
MD5

d5b0b10e5808abebd192fe3d9f5dbc99
SHA1

279a2555e6f24a46c75ed1151c09fd1063110152
SHA256

f93691c551b9a1542296a0ed502c5df3073ed12c5c7591b66e6ef9e718ce5745
SHA512

293fb3b4fd6f53fcb3f4598bf9a2c7280ebe58f7bd5f7203b4a8c4256f1b045aad7456862490de0fdfa2210ed7b9107b6d7160296dd92a15c7ef3d584ecc1b36
SSDEEP

12288:B1ca5b0Hk9dJTrOXYm0EE0iBu0yOkZ3DssplsDCUJP1+EysA7ZU7m6:ncaB/gXYm0EErTyphLVYdiU9

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://kolhgd.xyz/PL333/index.php

Targets

- Target
  
  d5b0b10e5808abebd192fe3d9f5dbc99_JaffaCakes118
- Size
  
  678KB
- MD5
  
  d5b0b10e5808abebd192fe3d9f5dbc99
- SHA1
  
  279a2555e6f24a46c75ed1151c09fd1063110152
- SHA256
  
  f93691c551b9a1542296a0ed502c5df3073ed12c5c7591b66e6ef9e718ce5745
- SHA512
  
  293fb3b4fd6f53fcb3f4598bf9a2c7280ebe58f7bd5f7203b4a8c4256f1b045aad7456862490de0fdfa2210ed7b9107b6d7160296dd92a15c7ef3d584ecc1b36
- SSDEEP
  
  12288:B1ca5b0Hk9dJTrOXYm0EE0iBu0yOkZ3DssplsDCUJP1+EysA7ZU7m6:ncaB/gXYm0EErTyphLVYdiU9
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan