General
-
Target
http://1000tabletok.ru
-
Sample
241029-lrn1jsvqar
Score
10/10
Malware Config
Extracted
Family
azorult
C2
http://boglogov.site/index.php
Targets
-
-
Target
http://1000tabletok.ru
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Azorult family
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Stops running service(s)
-
Executes dropped EXE
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Impair Defenses
2Disable or Modify System Firewall
1