Extracted

• • Target

    ad401aa801e0712daf9af034df51260b_JaffaCakes118

  • Size

    3.7MB

  • MD5

    ad401aa801e0712daf9af034df51260b

  • SHA1

    ab224476ac26857e3b5a9b547c4645dba25f6d18

  • SHA256

    b9b723b76ccf8cb0f026ef8d68782506fd06d4af0c7e00400898362e4953bd47

  • SHA512

    765b9cdd4570e21757ac5c33647ec830f1ae1684c72b51b99768af95854b041c066e05c99399606f242b821715070331c3e48800a56ff104a3277378d6ed99ca

  • SSDEEP

    98304:lAYRWJ3guzrI7fiL9tgZZEkpDwyPVg1b3QOQYRitH0RSXJgGCnUMW8BMHDWXN:lPWLr3gzNPPVg1brJRitJ5gHD7ma

  Score

  10^/10

  azorultdiscoveryinfostealertrojanupx

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Azorult family

    azorult

  • Executes dropped EXE

  • Loads dropped DLL

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2