Multiple phishing campaigns have been observed targeting multiple organizations to deliver the AZORult malware, the Trickbot banking Trojan and the Emotet malware.
While Trickbot and Emotet are previously known, AZORult is an information stealer that can harvest credentials from several software applications, enumerate and grab files from the Desktop, capture saved data from browsers (e.g. cookies, passwords, saved credit card information), steal Skype information, and steal cryptocurrency wallet information.
Collective threat indicators are given below. Many of these threat indicators were not detected as malicious by any of the VirusTotal engines.
Indicators of Compromise
IP(s) / Hostname(s)
Malware Hash (MD5/SHA1/SHA256)