azorult | d9f20fbf64170d65d1a1f2fd66a997913cab8ddb1389df8b1fd1e7ae0f1d0b5b | Triage

Sharing

General

Target

cHSzTDjVl.exe
Size

112KB
Sample

250204-fvx5qswpgs
MD5

043fe9d1a841d94435f8882125769b0c
SHA1

f410048ce061a747048dee6166ef001a6448871d
SHA256

d9f20fbf64170d65d1a1f2fd66a997913cab8ddb1389df8b1fd1e7ae0f1d0b5b
SHA512

40f15d849cf49a6965c7feb86f52fdcb96b84e4bd3f3aba26010e7ac44168cbbd27ee97bab4e34dbff0550e64eb65f2fb403a96bd8fc9275fdbb573d4bd3ffcc
SSDEEP

3072:KExRaX6raoCoCyz6/mqv1JR+yBtGOeheWgin8q:faZ1tme+1winj

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://195.245.112.115/index.php

Targets

- Target
  
  cHSzTDjVl.exe
- Size
  
  112KB
- MD5
  
  043fe9d1a841d94435f8882125769b0c
- SHA1
  
  f410048ce061a747048dee6166ef001a6448871d
- SHA256
  
  d9f20fbf64170d65d1a1f2fd66a997913cab8ddb1389df8b1fd1e7ae0f1d0b5b
- SHA512
  
  40f15d849cf49a6965c7feb86f52fdcb96b84e4bd3f3aba26010e7ac44168cbbd27ee97bab4e34dbff0550e64eb65f2fb403a96bd8fc9275fdbb573d4bd3ffcc
- SSDEEP
  
  3072:KExRaX6raoCoCyz6/mqv1JR+yBtGOeheWgin8q:faZ1tme+1winj
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan