azorult | 75fcb8b576b9ed3884ea0d10fdb1b29575dbf9a3099ee7f456d81c41a1400eb4 | Triage

Sharing

General

Target

75fcb8b576b9ed3884ea0d10fdb1b29575dbf9a3099ee7f456d81c41a1400eb4.r01
Size

640KB
Sample

250312-c989rsvlz7
MD5

532658b002629a8aabd8a8145a60ff41
SHA1

835a3e4a60b6eda138c99dc03e8b494447838675
SHA256

75fcb8b576b9ed3884ea0d10fdb1b29575dbf9a3099ee7f456d81c41a1400eb4
SHA512

a94d2215d314d4b3927c6db616a37e190ac0b99e7f6c2dddc44d35eabdaf0e9f67333657c4cdd62073a94b36c069d6c4f1132139b44873c0854d344940ee96ab
SSDEEP

12288:1BIiQf8ruOuvop3lPKuq1hw6rLqij6tYURfF6ylg3M2AQngIP87E1:7Ibf8ruOumFPqvrGTyURfF6yu3M2AcYk

Score

10^/10

azorult discovery execution infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://gd53.cfd/TL341/index.php

Targets

- Target
  
  MG710417.exe
- Size
  
  715KB
- MD5
  
  66ef84b6805972a29ec37b229201a9ca
- SHA1
  
  a0bd886bfd638ad32eaf0a024aa02249a06ee96f
- SHA256
  
  a56436df8a2fedd2624c035ab834db76f6ee24d636a9a72d5fa4c04f7b0daa54
- SHA512
  
  ecca6d0cc05d3fabb747a045ca3b6491db136ea1e3a6249b7324841ce118378001a6e6e3dc46ef57f2d7f8efc1f8392bd6fa49a9d08f76f352ed2c5997561834
- SSDEEP
  
  12288:2i6dsV0pMDI2RM5Sl96gUIfK/URUiPn98zC/2qvhHWUnHZW9dF/:cckemG96zIfmetn+hWBWU5WN/
Score

10^/10

discovery execution azorult infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2
- Target
  
  Los107.Raj
- Size
  
  55KB
- MD5
  
  fd68605dede5dff48ac0498675704de0
- SHA1
  
  f1150379e8b26b01329c9af71dcaee0baf3ce819
- SHA256
  
  b4bcc505d66a46af9185af84e5472ef5045cf4abfe722207076d34fbf6df40d7
- SHA512
  
  36f1b2ed7cfe46141deef05cc236941363bd2ef54b3e627312f3f81d3217403a65ee4e1c94e6dce3edad99178e1263ab80f5d10b821bbf585ebdfd1b1400491f
- SSDEEP
  
  1536:XyhNN+u6AmjiFn3849RlX1Kdwfcdivcr8n:ihr4+nnlKTEUu
Score

3^/10

execution
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

azorultdiscoveryexecutioninfostealertrojan

behavioral3

behavioral4