Overview

overview

10

Static

static

7

ed93a59e04...18.exe

windows7-x64

10

ed93a59e04...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-09-2024 12:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ed93a59e0415752f2b397a5ca2f330bf_JaffaCakes118.exe

  • Size

    139KB

  • MD5

    ed93a59e0415752f2b397a5ca2f330bf

  • SHA1

    b51beb92ad40d4fd244a1653fa7a20b96fcc6dc3

  • SHA256

    26118991c284f8c01f1c98848cf12378e48366c6ef83b83eca6ffd45f23d06f8

  • SHA512

    bfe399cee990aa3508d942b0bbbde68524cced6fea035e84e7f34e1f81cb4f69816da897acf9bf0a6c6d0023899216bba1872585c3c192fea26827098ffe24fb

  • SSDEEP

    3072:L5dDg5uEMvMVhq3cDy35epeFVDxAEF7iNhHBLfWRW5R/PS:LDgzMvMkcuJROEF2NxBDc8P

Score
10/10
azorultdiscoveryinfostealertrojanupx

Malware Config

Extracted

Family

azorult

C2

http://51.15.62.59/AED77D05-A028-477C-B013-04F33F1385C3/index.php

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\ed93a59e0415752f2b397a5ca2f330bf_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ed93a59e0415752f2b397a5ca2f330bf_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3612-0-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3612-1-0x0000000002210000-0x0000000002226000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3612-2-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3612-3-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3612-4-0x0000000002210000-0x0000000002226000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3612-6-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/3612-8-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3612-10-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/3612-11-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download