Overview

overview

10

Static

static

1

680a16672a...18.exe

windows7-x64

10

680a16672a...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    680a16672a17dfdbdae661e74c20455b_JaffaCakes118

  • Size

    431KB

  • Sample

    241022-am19jaxepn

  • MD5

    680a16672a17dfdbdae661e74c20455b

  • SHA1

    4c0021b38f2a39085038cf530373deb688c4cb7e

  • SHA256

    08fe1b52f9d2b76164cf910b62ea0509774cae293fb24d735c53ca5f76be8ff1

  • SHA512

    7d4fd32e5077fe8b4d386100641a475e0cdb774507245707898d4d1ffd5813669be014bb77111a98f76536949cbfe3af050f41f14ed1dd011ea9114adf779c93

  • SSDEEP

    6144:kc0h522p3l04ZMSmIp3Uy28uhyZsYRsq3+V0z2wJSubgmxyDug/vLDXW:Shxp3lZnT9bDiYRsq3+w26faP7q

Score
10/10
azorultdiscoveryexecutioninfostealertrojan

Malware Config

Targets

    • Target

      680a16672a17dfdbdae661e74c20455b_JaffaCakes118

    • Size

      431KB

    • MD5

      680a16672a17dfdbdae661e74c20455b

    • SHA1

      4c0021b38f2a39085038cf530373deb688c4cb7e

    • SHA256

      08fe1b52f9d2b76164cf910b62ea0509774cae293fb24d735c53ca5f76be8ff1

    • SHA512

      7d4fd32e5077fe8b4d386100641a475e0cdb774507245707898d4d1ffd5813669be014bb77111a98f76536949cbfe3af050f41f14ed1dd011ea9114adf779c93

    • SSDEEP

      6144:kc0h522p3l04ZMSmIp3Uy28uhyZsYRsq3+V0z2wJSubgmxyDug/vLDXW:Shxp3lZnT9bDiYRsq3+w26faP7q

    Score
    10/10
    azorultdiscoveryexecutioninfostealertrojan

    • Azorult

      An information stealer that was first discovered in 2016, targeting browsing history and passwords.

      trojaninfostealerazorult

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks