azorult | e0cc0114b11792660308b61778c57476acfdf450157d8c996f60b7d04e312aee | Triage

Sharing

General

Target

JaffaCakes118_e0cc0114b11792660308b61778c57476acfdf450157d8c996f60b7d04e312aee
Size

368KB
Sample

241230-afxb1a1nep
MD5

c5a4cd200073b8fd5478c8d8005d1811
SHA1

faf0da44fdb9dec86ba54c99ca778bc52bed715c
SHA256

e0cc0114b11792660308b61778c57476acfdf450157d8c996f60b7d04e312aee
SHA512

bea799fb8ec2c6042701053025263548bac01dfad19bbf8bab8be9d5d767aa25e4ab7d1919017c2d12aa5ce6e1df499092318c52e3c9e1a667c0a814cba5b386
SSDEEP

6144:MXkA4UvJXFkr1w9KsvsQRdz5lkFXfqRyPrC+2c0c86atO9bpMM:MkA4thas8sihWa2bpl

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://139.59.36.90/index.php

Targets

- Target
  
  PURCHASE ORDER.exe
- Size
  
  801KB
- MD5
  
  3b383cec6e449a3a89b384425389cd12
- SHA1
  
  a4273c99be23d20e15182a3e9899bc764ab6f205
- SHA256
  
  fa7607fe08f0cc262ff4500613d08fdfabe6a0b072cf7d9fcc886a204164fac1
- SHA512
  
  d695fdcfa87fad7c22d4147022882288cac8c541c6de0f059ad1874922eed778e08cfd41c354bea607749b12e6911df6dc946512840f99a043f096e946c4b33f
- SSDEEP
  
  6144:cZsW6Uq+gwLKsbsQ9dz5hcFzf2nyPHCk2cAc868tG9:cGUq8sq8qFW8C
Score

10^/10

discovery azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

azorultdiscoveryinfostealertrojan