azorult | 94ed2192d082b1fadb6885f35e132957b28d6c7b3ec045c7599bf4eb611145c5 | Triage

Sharing

General

Target

94ed2192d082b1fadb6885f35e132957b28d6c7b3ec045c7599bf4eb611145c5.zip
Size

323KB
Sample

250326-x9a27atlz5
MD5

c4dd8d54f12622b0f986bf41a6aae4ce
SHA1

1858b25b813a53ef4c635b80081728995f010b2a
SHA256

94ed2192d082b1fadb6885f35e132957b28d6c7b3ec045c7599bf4eb611145c5
SHA512

b30aa06711e8e1e0bda0d4327a5e91be5fec98b62cd79a704d2834534ee299540278d43a9aa24f3b45d59564a1885a8624495e8f60940ca03f0be5e3070cf091
SSDEEP

6144:M8nxEpH612TdovIhaS7Ja66qXXVcpbqIQIaoabLlij3FA9hQdES0F8:MQE5P6vIYE9XXLb2FrEP8

Score

10^/10

azorult discovery execution infostealer macro macro_on_action trojan

Malware Config

Extracted

Family

azorult

C2

http://23.249.162.26/DB1/index.php

Targets

- Target
  
  stage1-macro.xls
- Size
  
  36KB
- MD5
  
  0f49e06aaab8816a9d95815e749fb291
- SHA1
  
  e124c99646e1d7fa682e465630eda2159172dcb1
- SHA256
  
  f5190d29af5ba58c45b138751593e2f5ed014d42e5c37f05f6ea98ee8838c9e2
- SHA512
  
  c09fa102c120b8e3cd7cddd88fa7d228f551be6ba81727bff8dbab84520bc7e456e82288fa91a86d18b9447fe3e2e866fc2dc4733d19b84666a4cdbfb50308e0
- SSDEEP
  
  384:AGF3dXzjwE8qUGiKu7kriCj1wnb9uCFtw5HNqldMbhuDBfrgfXGvmeeernB/:VdDD8qji/7GikKu0YHT9vv
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  stage5-azorult.dll
- Size
  
  112KB
- MD5
  
  7f542542826cd8de17492d0fa34cde9a
- SHA1
  
  d9d517fd44b769235c85fb7d37dcdf3e7a04d57f
- SHA256
  
  5140c53c5f3e25069731a723d05f52dd3b7e36437ab56c2456b751f229cf1491
- SHA512
  
  d2286c1d84368bcff8d0d74c7970bb04b696475d553403a45926cfa5bead1e9b89883936a75a4293a7c7c36b8e05bcf8a98c8453e3cfa98ab90a8f22bde3a87b
- SSDEEP
  
  3072:tuOSXpMx7ZAlHsbfUkolNGti7lfqeSxM3SpyEY3E/Bxg/:Zzx7ZApszolIo7lf/ipT/B
Score

10^/10

azorult discovery infostealer trojan
- Azorult
  An information stealer that was first discovered in 2016, targeting browsing history and passwords.
  trojan infostealer azorult
- Azorult family
  azorult
behavioral3 behavioral4
- Target
  
  stage5-loader-cleaned.dll
- Size
  
  15KB
- MD5
  
  a5278995039672bd3de9e40540299a57
- SHA1
  
  c99635cef5ba30dce72261f7c97c1667d24e4d0f
- SHA256
  
  43a2cf02496ee1e84890a28bca0479e7731ad04dfe455602ab870439cd2fbae5
- SHA512
  
  3c6575414a1f9bf5e59ccdf40f5ffb18a1a58b2ed2192f72404fda715450c645fa5b55a796053aab39cc56f7ef4be3870d35adc262dbfe741b3808953c0168ab
- SSDEEP
  
  384:XiAWfOkeqhvhtKORqU8zllnJQkpPtmUDKr+2QY79qVL:yYqhbKOR18zltJQkf1K5qVL
Score

1^/10
behavioral5 behavioral6
- Target
  
  stage5-loader-powershell.txt
- Size
  
  116KB
- MD5
  
  80e2e396d44b09e705df6ee97f5c0698
- SHA1
  
  945118df45bcc5e46135cbc75618f6bdedaad216
- SHA256
  
  c38b4ff3cac46ff48057753f59d3125c2661404ca7bf096025f5b0b547ec30d5
- SHA512
  
  d4c026dcf863843ac2cb052ea5e6a17581d018496cd005ae2932f70f762c09a6590d62dd5a1931a46a815a0aef8ce2f7484d4385b48d95ac76e7d460691f990f
- SSDEEP
  
  3072:UQ8RiGBD5USCv7OqeTzca2lS3PvZmH2t8W8iDh5keyHt3TJqAOZKS2CiaVOiU8F7:UQWiGl5oKzca2AE2t8t5t3DYnl32LK
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  stage5-loader.dll
- Size
  
  62KB
- MD5
  
  c726636d2b7f8c838f7f882071181c95
- SHA1
  
  209b0096de6dc9011d5dba96d8ea349925a85b60
- SHA256
  
  7405ccc472d41a2d3dbe289a92f1c129d50633d0271609e07b5bb280ef5bb08b
- SHA512
  
  4a18340119d7eaa7178ecfbe0870c0fbb81cd9d4d89f79b49c0893a9549347b75b2c9cefde316c5ffd9b569c73070a8ce06ad1f1916a25e66c6c21da0463366a
- SSDEEP
  
  1536:FNG0y8x4H+zeICDjRKsz8zRijV+UOofxIr:Nx4H+S1jRKsz8zs+UOofxU
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_actionazorult

behavioral1

behavioral2

behavioral3

azorultdiscoveryinfostealertrojan

behavioral4

azorultdiscoveryinfostealertrojan

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10