General
-
Target
ed0036978d1f0d13c67c94edc283e131_JaffaCakes118
-
Size
650KB
-
Sample
241213-2cmf6szndx
-
MD5
ed0036978d1f0d13c67c94edc283e131
-
SHA1
5176e4a336fce9a98fb19d3fcb43c3510dc85f64
-
SHA256
a18751ed6b5abd2fa637e0d4aa4eb794ee98b00e631c0fd2a4f92e9aeeca53e5
-
SHA512
26724f913b8e51fd883ba74f298429fa17ac367c02d6437f271eca670f3243fc4a86713fc80a2c759bb43366390bd32bc6fb3485baebb7ece36d4a7edf37a88c
-
SSDEEP
12288:VV0WtzPtYaer5hxPY3bvl/ZeUEjZZaJ8SsBdYaer:VV0WVMr5TYLFUa8SsSr
Static task
static1
Behavioral task
behavioral1
Sample
ed0036978d1f0d13c67c94edc283e131_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed0036978d1f0d13c67c94edc283e131_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
azorult
http://193.247.144.166/index.php
Targets
-
-
Target
ed0036978d1f0d13c67c94edc283e131_JaffaCakes118
-
Size
650KB
-
MD5
ed0036978d1f0d13c67c94edc283e131
-
SHA1
5176e4a336fce9a98fb19d3fcb43c3510dc85f64
-
SHA256
a18751ed6b5abd2fa637e0d4aa4eb794ee98b00e631c0fd2a4f92e9aeeca53e5
-
SHA512
26724f913b8e51fd883ba74f298429fa17ac367c02d6437f271eca670f3243fc4a86713fc80a2c759bb43366390bd32bc6fb3485baebb7ece36d4a7edf37a88c
-
SSDEEP
12288:VV0WtzPtYaer5hxPY3bvl/ZeUEjZZaJ8SsBdYaer:VV0WVMr5TYLFUa8SsSr
Score10/10-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Azorult family
-
Suspicious use of SetThreadContext
-