Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20241023-en -
resource tags
arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system -
submitted
24-12-2024 11:02
Behavioral task
behavioral1
Sample
abd6c1f331de27aff1e2bbc3e79856aa66e13f36ea2f0fc3cd81b914b4779077.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
abd6c1f331de27aff1e2bbc3e79856aa66e13f36ea2f0fc3cd81b914b4779077.exe
Resource
win10v2004-20241007-en
General
-
Target
abd6c1f331de27aff1e2bbc3e79856aa66e13f36ea2f0fc3cd81b914b4779077.exe
-
Size
112KB
-
MD5
b89d7fda2fe9355fbb134838536fb0fb
-
SHA1
cb41b67c5f79cf6a0eda33d2e988e26fee0e383e
-
SHA256
abd6c1f331de27aff1e2bbc3e79856aa66e13f36ea2f0fc3cd81b914b4779077
-
SHA512
42303a8f6c8345f380a4db460d601b53bdaf4994a0007486394d36cbfb5115782f544f05e0a23903b7c33d7d09f8e5c38a5963075ee9debf007871fabcb15fa6
-
SSDEEP
3072:tuOSXpMx7ZAlHsbfUkolNGti7lfqeSxM3SpyEYnE/Ixg/:Zzx7ZApszolIo7lf/ipT/I
Malware Config
Extracted
azorult
https://suspam.com/index.php
Signatures
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Azorult family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language abd6c1f331de27aff1e2bbc3e79856aa66e13f36ea2f0fc3cd81b914b4779077.exe