General
-
Target
799667af57a95a533d10863a658c30bb_JaffaCakes118
-
Size
688KB
-
Sample
241028-pfd8razakl
-
MD5
799667af57a95a533d10863a658c30bb
-
SHA1
952615061f288c135f73c7d25cf4f1f10217b7a8
-
SHA256
c74313aab2a5ab68bd3645525e6a2187d20281b8874edecbbdcc8f9ebcb97fed
-
SHA512
6a215ba28aff45d85e83e7935d37786839c0cd495583ce9150ddd5bc4266e62a4daef299aedd7880952562b1e596999fc6cb1f079258420e83ac2fd9907cb6ef
-
SSDEEP
12288:9Qnk3GDYKGcblfxTLWFNThvEjjZobhBrLq8PlCIur/xg4nAOoW6n0zi:HAOcZZTLWvNkenrLqF/n760zi
Static task
static1
Behavioral task
behavioral1
Sample
799667af57a95a533d10863a658c30bb_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
799667af57a95a533d10863a658c30bb_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
azorult
http://195.245.112.115/index.php
Targets
-
-
Target
799667af57a95a533d10863a658c30bb_JaffaCakes118
-
Score
10/10
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Azorult family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-