AZORult Malware

    Date: 09/13/2024

    Severity: Medium

    Summary

    AZORult is a type of malware known as an information-stealing Trojan. It primarily targets Windows systems, aiming to steal sensitive data such as passwords, credit card details, and other personal information. AZORult is often distributed through phishing emails, malicious downloads, or compromised websites. Once installed, it can capture and exfiltrate data from browsers, email clients, and various applications. The malware can also download additional malicious payloads and provide remote access to infected systems. Due to its ability to harvest and misuse sensitive information, AZORult poses a significant security risk to individuals and organizations.

    Indicators of Compromise (IOC) List


    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Hash
    Query 1

    md5hash IN ("61e488a7dca5e373cec43f8ff126428c","97cc0e7d7caa3483e4c5e5cff9fbe67e","f34d46989b27c8a7c40d395b0afd9c86","8f391db2fc8b0c6be72425cd5e8f8369","1c8b5bc446ce36fadff5ee444c0d7085")

    Hash
    Query 2

    sha1hash IN ("e74e03ad3d8f52ce5858a5e8208343fa04a2b367","1bb2b75b211f0e2f67517876d76c3f0bf3457b70","e4a7ec238d8435b094c5a38a601e133da646b4fb","c94fa3368eb4946aad49c82a613d3cbe40266a60","20a3d75445c9d3a75cf430c2f28cd3879c37bdde")

    Hash
    Query 3

    sha256hash IN ("856d0a974a7e4eefc2d79baaf9ff34aacc6cf0f721804299fbff8d90c661e190","a5c710cd7d220f75e78f08ca89a3017ae08ad6761d57473e4a9f55df02c47d58","65e1b5713b271302e96bab80440f744c13c953749562603ea3ee03eda880f9ea","0876a062221ba67194143bb2b1fc83d87b22860cf5e8cff64239b4b9dc251d11","1dfc5e26c8fc4d0b4cfd8bf008b5ace5f4e512314f6ac4d8006b04c7217c26dd")

    Reference: 

    https://www.rewterz.com/threat-advisory/azorult-malware-active-iocs


    Tags

    Malware, Trojan
