Analysis
-
max time kernel
92s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
26-09-2024 10:52
Behavioral task
behavioral1
Sample
8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39.exe
Resource
win10v2004-20240802-en
General
-
Target
8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39.exe
-
Size
112KB
-
MD5
fc7ff7397010d34501d9a0a725637c1a
-
SHA1
213c77163e360a38ee0090fef436592d2527711b
-
SHA256
8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39
-
SHA512
b895012ab2b91a9f6a25e4ba50f8568bc7b976a851abe94c9fc2b60269ff837c09a1fffd61ab13698cac81492e38d3655e0b7a63b1bbf18203f1748389d5b8f4
-
SSDEEP
3072:KExRaQ6raoCoCyz6/mqv1JR+yBtGOeaeWgiQq:faO1tme++wi/
Malware Config
Extracted
azorult
http://mg5n.shop/ML341/index.php
Signatures
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39.exedescription ioc process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 8ab4dc8b9dd4ef04daf96283fb32fda0c23875c4af532186376057894a9c2c39.exe