azorult | c4bc220859c5604557e00df6ec080b6c381baa52b17d9373f640b8d3ba0e7b0c | Triage

Sharing

General

Target

de58380186567f41f144f2e57ed4543d_JaffaCakes118
Size

530KB
Sample

240913-qrav5sshjd
MD5

de58380186567f41f144f2e57ed4543d
SHA1

8284803c58ead43dda6f7e8c88b3b7617230eec4
SHA256

c4bc220859c5604557e00df6ec080b6c381baa52b17d9373f640b8d3ba0e7b0c
SHA512

2e2977b0ccfed33c23d2d9e1067a69ed90093dd7689d86c7926995ccb496adb35dc84f7b219f1aa6e93d661f94361bd79dc361392abbbf118e6983f2cd5fad83
SSDEEP

12288:A4xX3N4b4ceEJugWomhCVEHAvWr/q6vzgty9Ew2UO:L94b4UJhWbC5uzq6v6J

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://5.8.88.71/a/index.php

Targets

- Target
  
  de58380186567f41f144f2e57ed4543d_JaffaCakes118
- Size
  
  530KB
- MD5
  
  de58380186567f41f144f2e57ed4543d
- SHA1
  
  8284803c58ead43dda6f7e8c88b3b7617230eec4
- SHA256
  
  c4bc220859c5604557e00df6ec080b6c381baa52b17d9373f640b8d3ba0e7b0c
- SHA512
  
  2e2977b0ccfed33c23d2d9e1067a69ed90093dd7689d86c7926995ccb496adb35dc84f7b219f1aa6e93d661f94361bd79dc361392abbbf118e6983f2cd5fad83
- SSDEEP
  
  12288:A4xX3N4b4ceEJugWomhCVEHAvWr/q6vzgty9Ew2UO:L94b4UJhWbC5uzq6v6J
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan