General
-
Target
Euro_Truck_keygen_by_KeyGenGuru.zip
-
Size
5.0MB
-
Sample
241128-xjhz4swpbt
-
MD5
5e4b59eafe95c4c282e2cc0e583e9c2e
-
SHA1
60718f8cf1624b17dccc19cec627e253915e4beb
-
SHA256
064ac471f84251c90c80fcd9c758c4e0a83f59a7d4fb584af0c7f3599b9efbf6
-
SHA512
97ebb4c22eededaa581c98a7f9dcd8a0e8975b91f5792fb2594e6796e70161ab349274fba0c040b72b74893a11e143706638fa504ed8c8bcd763b8db66a25f87
-
SSDEEP
98304:m3jyuGTLyzbghu+UolRNLUg1dX/OY+EZZIOpqTeJTJYq8paLm+MCCuRtPyWA7XVc:m3Wd8bgh3ULiX5LZZhpseJTJbax+dCuV
Static task
static1
Behavioral task
behavioral1
Sample
Euro_Truck_keygen_by_KeyGenGuru.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Euro_Truck_keygen_by_KeyGenGuru.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
azorult
http://upqx.ru/1210776429.php
Extracted
pony
http://top.regdnl.ru/bussin/gate.php
Targets
-
-
Target
Euro_Truck_keygen_by_KeyGenGuru.exe
-
Size
5.1MB
-
MD5
292885a40b0c89d819ab4b4fe3adf302
-
SHA1
7f5588147add8e4f4909068220527762b1bbfc2b
-
SHA256
b1f2b5a112f09308cf736e3746a11bd09fe84c7024d1601a44ede496361acb65
-
SHA512
23e6f515d8691a590e1c27ee84a41437996433612b9de39c9b59e3c2562e0394beb226211a45febd930b57eb9508b747bad981a747759100cb27e7835ed72550
-
SSDEEP
98304:ehbGvDuZFqCrXL+Shff+vW7t4p7bQzVxiGfCI7hnqWo/WDkoLRY7G:eh5zqcLf++aMzV0GqI7B5oODkoLRYa
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Azorult family
-
Pony family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-