azorult | 8e8e6ea45823cc7c984f547624b45ca913a8ba81a9d1289cb59ccb56f93cbd54

Analysis

max time kernel
5s
max time network
99s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
22-09-2024 10:09

Target

8e8e6ea45823cc7c984f547624b45ca913a8ba81a9d1289cb59ccb56f93cbd54N.exe
Size

2.0MB
MD5

92b4e1b83bd1d806d59f6eee8a28ffa0
SHA1

75238a373abd56968689c81693b72c1590875a23
SHA256

8e8e6ea45823cc7c984f547624b45ca913a8ba81a9d1289cb59ccb56f93cbd54
SHA512

e6e767cf9172a5ee499d7a3fc187db2fc4ab0bf49719f35e6c87a7bdb48c2b7592e2b2437bc7aa5b79fed541b10190db5809856f5f2275460d783da77fc233c4
SSDEEP

24576:su6J33O0c+JY5UZ+XC0kGso6FaI1IXgM6YmenKKSUlmDaGJTA4Pqa6jUvOkQwKY0:2u0c++OCvkGs9Fap5aLKLkDl+dUvO9Yq

Score

10^/10

Family

azorult

http://0x21.in:8000/_az/

Family

quasar

Version

1.3.0.0

Botnet

EbayProfiles

5.8.88.191:443

sockartek.icu:443

Mutex

QSR_MUTEX_0kBRNrRz5TDLEQouI0

Attributes

Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
trojan infostealer azorult

Quasar RAT 3 IoCs

Quasar is an open source Remote Access Tool.

Processes:

8e8e6ea45823cc7c984f547624b45ca913a8ba81a9d1289cb59ccb56f93cbd54N.exe

description	flow	ioc	Process
Key opened		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	8e8e6ea45823cc7c984f547624b45ca913a8ba81a9d1289cb59ccb56f93cbd54N.exe
	12	ip-api.com