azorult | 6d16e305987f26976c235856cdf5cf8f707421452274563178807111649d98fd | Triage

Sharing

General

Target

6d16e305987f26976c235856cdf5cf8f707421452274563178807111649d98fd.zip
Size

212KB
Sample

250326-jqsw1asqv9
MD5

9766b7cc66eac6156805e941a430d6ef
SHA1

d5b4f7047939c09ca54ccfb753e71c323a8f1522
SHA256

6d16e305987f26976c235856cdf5cf8f707421452274563178807111649d98fd
SHA512

0b0edc79c655ca960b54aeb62cb1c70583d23703f4147e85b8e8e4f83cbfd8880987c93912a80a8efb3ef9bcf26bce4a6b99c05cd5aea4612c5eefe6a1a28a47
SSDEEP

6144:zTmAbgvwTbFFy7jx0UzRF01wTfZp2z7NIVAxlVzsS:zTmOgvwnFFAx0a01wThp2zBlzsS

Score

10^/10

azorult discovery infostealer trojan

Malware Config

Extracted

Family

azorult

C2

http://ciuj.ir/masab/index.php

Targets

- Target
  
  file.exe
- Size
  
  606KB
- MD5
  
  2dd4ed969e9e36f8ab90eb52e248afdb
- SHA1
  
  3dfb842f5d24059e3aad4724d6c07b9d4d675131
- SHA256
  
  373ea9d6b1b0a80139154d2923416f3989c697ed248eee940331b88afacea073
- SHA512
  
  a486728fd5a56ab8bc30baa8b756b5d9f799a9dcbd202c7ee3af15e81a08047404dba7f14e30484efc48ffbca30c2cce8db1b726b3f337cadf5ced589ebe5158
- SSDEEP
  
  6144:FfDQgYnvhZQ3p4R6Vnd80oeybULkhyZLRcrKtDqmZQJTG6R3zhj3+JXnK:FfsBn3QdcB1KLDDCFFSXnK
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

azorultdiscoveryinfostealertrojan

behavioral2

azorultdiscoveryinfostealertrojan