azorult | b7d284088c1c67768fbc8e337c6670bc96584ebf63015a7285353f1a39234954 | Triage

Sharing

General

Target

fbcc60e72ff12749191fbe0f9b1536ad_JaffaCakes118
Size

560KB
Sample

240928-jcer8atejk
MD5

fbcc60e72ff12749191fbe0f9b1536ad
SHA1

4356484a628bfc29e3de4b2b6b667de9e05be591
SHA256

b7d284088c1c67768fbc8e337c6670bc96584ebf63015a7285353f1a39234954
SHA512

ca0015617ad18ea02dd39020ba23ce7fffea461186fd6b9f0cc48f393b02b993dc33ec2e5f2ad235075b3852493481a91ab2938940da8864fd22b73a275552f5
SSDEEP

12288:8h1Lk70Tnvjc286/WS6gmGlMcgjyd5z/9jnQn2XeLDNSQP90z+Q:Ik70Trc28PhyHnEtLdyqQ

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

- Target
  
  fbcc60e72ff12749191fbe0f9b1536ad_JaffaCakes118
- Size
  
  560KB
- MD5
  
  fbcc60e72ff12749191fbe0f9b1536ad
- SHA1
  
  4356484a628bfc29e3de4b2b6b667de9e05be591
- SHA256
  
  b7d284088c1c67768fbc8e337c6670bc96584ebf63015a7285353f1a39234954
- SHA512
  
  ca0015617ad18ea02dd39020ba23ce7fffea461186fd6b9f0cc48f393b02b993dc33ec2e5f2ad235075b3852493481a91ab2938940da8864fd22b73a275552f5
- SSDEEP
  
  12288:8h1Lk70Tnvjc286/WS6gmGlMcgjyd5z/9jnQn2XeLDNSQP90z+Q:Ik70Trc28PhyHnEtLdyqQ
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan