Extracted

• • Target

    b0b62e7ff94d68b2352f690236d7d8dc8d40113b2a18102f1e6a9492fd6bf2e7.exe

  • Size

    595KB

  • MD5

    5993ff93b68cf1f66f13d073ef61eaa6

  • SHA1

    26be0e107ee83ed8cf3e04fcd0937e0be5228ea1

  • SHA256

    b0b62e7ff94d68b2352f690236d7d8dc8d40113b2a18102f1e6a9492fd6bf2e7

  • SHA512

    7dccaaea5938b89148c32054616c24d75e32386c503b6953534bc2188b9918075078cc63ba6bce1f923b5d204235c8d220b96a3cc8139187b9c02e70673535a8

  • SSDEEP

    12288:iBIJsQVBWutWAgYOb07EE5dN9Wqes1rgGiuOCCS:LJsQVZ+bz8dN9WX9lwCS

  Score

  10^/10

  azorultguloaderdiscoverydownloaderexecutioninfostealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Suspicious use of NtCreateThreadExHideFromDebugger

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  • Suspicious use of SetThreadContext

  behavioral1behavioral2