Rewterz Threat Advisory
July 23, 2021
Severity
Medium
Analysis Summary
AZORult is an information stealer that targets payment card data and credentials. It was sold on Russian-language underground forums as a tool for collecting sensitive information from infected systems, and it also steals browser cookies, browsing history, cryptocurrency wallet data, and user IDs and passwords. Phishing emails and the Fallout Exploit Kit (EK), combined with social engineering, are its main infection vectors. The malware can also act as a loader that downloads additional malware onto the compromised host.
Impact
- Information Theft
- Credential Theft
- Exposure of Sensitive Data
Indicators of Compromise
MD5
- 37fb9ee65758519d474bb478d98e726c
- 302b089cdad737572251ed036c828168
- 997f26e502eb7d3c839b71ab5e77a647
- bc904927d9ebfa31a0f15a892c0a3311
- 5ce1dfea51762cced77e4ac95ad89530
- 687e87a06d051f3d2734d4cf800a9bc8
SHA-1
- 2c714652b562b522bd763163a0fb59b995d3b00d
- a22de587007bf85f3998b4cdde2e794409ea0c0b
- 1c6aaec928e5bcaa07c7ce00a253b618fa7320ba
- 51c28dd91b8fdb9628dfa51c537a5e860c2a78f0
- 2da5fc5d0cd54369bc68cae064829064a2eda80c
- e68adbed6f12b80c5e91452f5a1593ce9fa68a9f
SHA-256
- b1eabb9ee4a7512da2beba587500936233aa63c4c210ca99ceafef24ca7b1976
- b4f58a5e9cc1c3b94f848aeb3830e9e28a38ec98cc6ec3337661d7b17c08e358
- 08a6193d0afc12de32573390251740b4b1d7a1af0b19ef0cc3a12c078db76449
- 17a3dfd3b22ddbdef2ffc6b02816eee1577ef4c897c04f4d2f55c2d644b470db
- ec61c46fdd4c22a18e41331c3b4553e385c6229b2d37c5ae4050b10e0cc27572
- 3237df10a8553e3e68910681cd522310e4f8155775531adc6f5804e50e7192de
Remediation
- Block the listed indicators at your respective security controls (endpoint protection, email and web gateways, proxies).
- Search for the IOCs in your environment. Match full hashes only, and treat a hit as an active infection: isolate the host and reset any credentials and browser-stored secrets that were reachable from it, since the malware exfiltrates them.
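The hash hunt in the last remediation step, as an added example that is not part of the Rewterz advisory: it hashes every regular file under a directory with all three algorithms in a single pass and compares the digests against the IOC list. The algorithm is inferred from digest length (32, 40 or 64 hex characters) rather than from the heading it was published under, so a list whose MD5/SHA-1/SHA-256 headings are shuffled still matches correctly. The `ADVISORY_IOCS` string carries one representative digest per algorithm copied from the list above; the function names and the command-line usage are this example's own.

```python
"""Added example (not from the Rewterz advisory): hunt for the listed file
hashes on a host by hashing every regular file under a directory and
matching against the IOC list, with the algorithm inferred from length."""
import hashlib
import os
from typing import Dict, List, Tuple

# Hex-digest lengths identify the algorithm regardless of the heading the
# list was published under, so a mislabelled block still matches correctly.
_HASH_ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

# One digest per algorithm copied from the advisory's IOC list above.
ADVISORY_IOCS = """
37fb9ee65758519d474bb478d98e726c
2c714652b562b522bd763163a0fb59b995d3b00d
b1eabb9ee4a7512da2beba587500936233aa63c4c210ca99ceafef24ca7b1976
"""


def classify_hash(value: str) -> str:
    """Return 'md5', 'sha1' or 'sha256' for a hex digest; raise ValueError otherwise."""
    v = value.strip().lower()
    if len(v) not in _HASH_ALGO_BY_LEN or any(c not in "0123456789abcdef" for c in v):
        raise ValueError(f"not a recognised hex digest: {value!r}")
    return _HASH_ALGO_BY_LEN[len(v)]


def load_iocs(text: str) -> Dict[str, set]:
    """Parse an IOC list (one digest per line, optional leading '- ') into
    per-algorithm sets of lowercase digests. Blank lines and non-hash lines
    such as the 'MD5' / 'SHA-256' headings are skipped."""
    iocs: Dict[str, set] = {"md5": set(), "sha1": set(), "sha256": set()}
    for line in text.splitlines():
        token = line.strip().lstrip("-").strip().lower()
        if not token:
            continue
        try:
            iocs[classify_hash(token)].add(token)
        except ValueError:
            continue
    return iocs


def hash_file(path: str) -> Dict[str, str]:
    """Compute md5, sha1 and sha256 of a file in one pass over its bytes."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def scan_tree(root: str, iocs: Dict[str, set]) -> List[Tuple[str, str, str]]:
    """Walk `root` and return (path, algorithm, digest) for every regular file
    whose digest appears in `iocs`. Symlinks are skipped, and files that cannot
    be read (locked, permission denied) are skipped rather than aborting the hunt."""
    hits: List[Tuple[str, str, str]] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                digests = hash_file(path)
            except OSError:
                continue
            for algo, digest in digests.items():
                if digest in iocs[algo]:
                    hits.append((path, algo, digest))
    return hits


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, algo, digest in scan_tree(target, load_iocs(ADVISORY_IOCS)):
        print(f"MATCH {algo} {digest} {path}")
```

Run it as `python hunt.py /path/to/scan` after pasting the full IOC list into `ADVISORY_IOCS`; every match is printed with the algorithm that fired. Hashing all three algorithms per file costs one read of the file system, which is what makes a one-off sweep of user-profile and temp directories practical; for fleet-wide hunting the same digest sets belong in your EDR's IOC import instead.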