azorult | 08e0421fa353767d47c42eaab0169124626eb8e5ed4e801a0a279e93481aee96 | Triage

Sharing

General

Target

JaffaCakes118_08e0421fa353767d47c42eaab0169124626eb8e5ed4e801a0a279e93481aee96
Size

249KB
Sample

241229-av58fswqaw
MD5

28d602e477a1a91ff9050a82b164a01b
SHA1

7abbadc94e56730ba4ccaf61e53f48c0f09170c9
SHA256

08e0421fa353767d47c42eaab0169124626eb8e5ed4e801a0a279e93481aee96
SHA512

03113cab3ab56836969b536e01576925cf7fd23967246e93d89bcb5a3db4899e7e1605f1c46ca7fe4ebc4fbe006c9ecd5d67e08de78bc85e995f2b32227e8cb3
SSDEEP

6144:31BS5XUDuEJ8IOdLhGwrFTu4jO7sqvU5WVKe:31AXXOOJh9u4q7sqvV

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

https://sterline.lt/lokk/32/index.php

Targets

- Target
  
  invoice.scr
- Size
  
  356KB
- MD5
  
  0f62ad64933edb9e9a62124f8f965d8c
- SHA1
  
  56f858b120126d45e384da71cc198a4f8f87870f
- SHA256
  
  c6971c3516ab280c7c6985ccc94062547116fcd3a7593fc84704030169c16e59
- SHA512
  
  61e28fd209bbe5ee006e5afc751fe441a89d98ca2471139ff5c6f825af402b408d90d8fab8acf51116d09e6d4329220f6a24238f8bdd282711181cf6231c677e
- SSDEEP
  
  6144:MuajV0soFB7EjP4sVsyBV3Z9pXXrScKNzoybha6X:MrpL0B7mPwyV33xXrREdhaA
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan