azorult | 847c3d58050d5d9fa51663b015e00bc2825f276c4e8d85cf4bdc16dca30be311 | Triage

Submit
Reports

Overview

overview

Static

static

1

d695371464...9a.rtf

windows7-x64

d695371464...9a.rtf

windows10-2004-x64

4

Sharing

General

Target

JaffaCakes118_847c3d58050d5d9fa51663b015e00bc2825f276c4e8d85cf4bdc16dca30be311
Size

66KB
Sample

241226-ydewyawrdn
MD5

18b81318744c9920bf245b66a4bd8ced
SHA1

fca38c80f99801baca3ffd3d6552b53107f9b51e
SHA256

847c3d58050d5d9fa51663b015e00bc2825f276c4e8d85cf4bdc16dca30be311
SHA512

f32bf2f3d7c6632d50b070f12204b8147918aafbb91bf4b322d6316cf59ec9ec5e46d5ff7697a7c1356ab477f91477062a9b46774ade0ed38eb5ed5acdd7a566
SSDEEP

1536:hYAERpdh0XY2mcRcPfEFE4yErb4YqQgVFYjkS3QJmutPMCb/Oob7T:WAaPLTUFrJqVOAS3QJbN/OE

Score

10^/10

azorult defense_evasion discovery infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

d6953714645c5b56b61f2f9ec39c186e60b40f62673cffff0ff216c57c07549a.rtf

Resource

win7-20241010-en

azorult discovery infostealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6953714645c5b56b61f2f9ec39c186e60b40f62673cffff0ff216c57c07549a.rtf

Resource

win10v2004-20241007-en

defense_evasion

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

azorult

C2

https://suspam.com/index.php

Targets

- Target
  
  d6953714645c5b56b61f2f9ec39c186e60b40f62673cffff0ff216c57c07549a
- Size
  
  241KB
- MD5
  
  5d20d729fc550b52705a6e72cb362f5e
- SHA1
  
  0b70138425b5c0de26ee2002cdbd615e0bfa11bd
- SHA256
  
  d6953714645c5b56b61f2f9ec39c186e60b40f62673cffff0ff216c57c07549a
- SHA512
  
  84e321e0eb90b910420cbadd46474fd6725b3481973c0e8322165d041227e357f0f67ae35920784443c3e51c50d3f935f3327095035888bf80cdf9741a6ca67c
- SSDEEP
  
  1536:gCBEjP41b4WzuvItfUGa2amY3EHRnAOWQWK2wmFThb4ppsyxn81be880WBOdQzhU:xfnzuWlxAOrOI0/ybSjKM4ln8
Score

10^/10

azorult discovery infostealer trojan defense_evasion
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

defense_evasion

© 2018-2025

Terms | Privacy