azorult | 21314041b5b17d156a68d246935ab476d3532a1c9c72a39b02d98a6b7ef59473 | Triage

Sharing

General

Target

onetap.exe
Size

112KB
Sample

241227-fp586asjfx
MD5

fadf16a672e4f4af21b0e364a56897c3
SHA1

53e8b0863492525e17b5ce4ff99fb73a20544b87
SHA256

21314041b5b17d156a68d246935ab476d3532a1c9c72a39b02d98a6b7ef59473
SHA512

d9b756b98fcb1451431223b40e46c03f580dc713f445d3a4ff694784df3d8fff3d40985dd792d1bae717d5eca00c1471b1b628837267ee583386f5abcddac3f5
SSDEEP

3072:aixRaX6raoCoCyz6/mqv1JR+yBtGOeheWginJq:laZ1tme+1win4

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

- Target
  
  onetap.exe
- Size
  
  112KB
- MD5
  
  fadf16a672e4f4af21b0e364a56897c3
- SHA1
  
  53e8b0863492525e17b5ce4ff99fb73a20544b87
- SHA256
  
  21314041b5b17d156a68d246935ab476d3532a1c9c72a39b02d98a6b7ef59473
- SHA512
  
  d9b756b98fcb1451431223b40e46c03f580dc713f445d3a4ff694784df3d8fff3d40985dd792d1bae717d5eca00c1471b1b628837267ee583386f5abcddac3f5
- SSDEEP
  
  3072:aixRaX6raoCoCyz6/mqv1JR+yBtGOeheWginJq:laZ1tme+1win4
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan