azorult | 8134e9aaeee2160899ff6995b0d97a1742eda48124ff8cebaa4b2f65b2e8b153 | Triage

Sharing

General

Target

ec979706809d317ea490b0abc9409a20_JaffaCakes118
Size

713KB
Sample

240920-b494fasdra
MD5

ec979706809d317ea490b0abc9409a20
SHA1

06cf2ee722da1726b799da60efcc99c54f6c549a
SHA256

8134e9aaeee2160899ff6995b0d97a1742eda48124ff8cebaa4b2f65b2e8b153
SHA512

22c7c6305f5c8e313d6740bbb0a2da2de8ba557f93fcd2ce9a3388794c38b709a5f12d917f8870f1556fe896f4ec8cf5013c1e27cc9786e5611b480422aaa005
SSDEEP

12288:XcFUncJ54irus265GoqlDX1YH0COI+w7Ror6PpGg+l2K3RYUOcCtlMBcK0IF9Px:dnYnuRcBIoGblBh3yRKrF9p

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://ciuj.ir/angel/index.php

Targets

- Target
  
  ec979706809d317ea490b0abc9409a20_JaffaCakes118
- Size
  
  713KB
- MD5
  
  ec979706809d317ea490b0abc9409a20
- SHA1
  
  06cf2ee722da1726b799da60efcc99c54f6c549a
- SHA256
  
  8134e9aaeee2160899ff6995b0d97a1742eda48124ff8cebaa4b2f65b2e8b153
- SHA512
  
  22c7c6305f5c8e313d6740bbb0a2da2de8ba557f93fcd2ce9a3388794c38b709a5f12d917f8870f1556fe896f4ec8cf5013c1e27cc9786e5611b480422aaa005
- SSDEEP
  
  12288:XcFUncJ54irus265GoqlDX1YH0COI+w7Ror6PpGg+l2K3RYUOcCtlMBcK0IF9Px:dnYnuRcBIoGblBh3yRKrF9p
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan