General
-
Target
eeed405f3209bd54c4fd527ead6b0779_JaffaCakes118
-
Size
1.1MB
-
Sample
240921-c755bs1gnk
-
MD5
eeed405f3209bd54c4fd527ead6b0779
-
SHA1
463a31fe8d5f37248ee7211e91ba988fe8a9a03b
-
SHA256
a40fdafd79bca9efe3b14ae56b6a074d58970b1954e5c0bf0412a510f8b4d5cb
-
SHA512
dfe9d04669a998bef4f1350cfea36f6ef1871c29f4229401ebef29b3460a801245dec01f8b2fd5ec3f23207f671dc754263b2e1825278251bc026510dace138d
-
SSDEEP
24576:9dHPXnvcC964ukjOs1iq8ZqI1IT96t8mF7dI4Tr9:99vvM4sHq9Q8q7Vt
Static task
static1
Behavioral task
behavioral1
Sample
eeed405f3209bd54c4fd527ead6b0779_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eeed405f3209bd54c4fd527ead6b0779_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
azorult
http://jatkit.ga/h0l/index.php
Targets
-
-
Target
eeed405f3209bd54c4fd527ead6b0779_JaffaCakes118
-
Size
1.1MB
-
MD5
eeed405f3209bd54c4fd527ead6b0779
-
SHA1
463a31fe8d5f37248ee7211e91ba988fe8a9a03b
-
SHA256
a40fdafd79bca9efe3b14ae56b6a074d58970b1954e5c0bf0412a510f8b4d5cb
-
SHA512
dfe9d04669a998bef4f1350cfea36f6ef1871c29f4229401ebef29b3460a801245dec01f8b2fd5ec3f23207f671dc754263b2e1825278251bc026510dace138d
-
SSDEEP
24576:9dHPXnvcC964ukjOs1iq8ZqI1IT96t8mF7dI4Tr9:99vvM4sHq9Q8q7Vt
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-