March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Lazarus APT Group – Active IOCs
June 1, 2022Rewterz Threat Advisory – Multiple Apache Struts Vulnerabilities
June 1, 2022Rewterz Threat Alert – Lazarus APT Group – Active IOCs
June 1, 2022Rewterz Threat Advisory – Multiple Apache Struts Vulnerabilities
June 1, 2022
Severity
High
Analysis Summary
The AZORULT malware is an information stealer which was discovered in 2016. This malware steals IDs, browsing history, cookies, passwords, and other information. AZORult serves as a malware downloader and it was advertised on Russian underground forums as a way to extract sensitive data from compromised computers. Browser history, bitcoin, ID, cookies, and passwords can be stolen by this malware. Phishing emails and the Fallout Exploit Kit (EK), in combination with social engineering tactics, are the primary infection vectors for the AZORult virus. The virus can also act as a loader, allowing more malware to be downloaded.
Impact
- Information Theft
- Credential Theft
- Exposure of Sensitive Data
Indicators of Compromise
MD5
- c67871a2108f12690226761db6f714b3
SHA-256
- 2d54fe014e47421a3dbb41e52aab07e514b709e7aeb7d8c23a0dbfc4da9fcebd
SHA-1
- b03e416f6291cbf0a72c6207c0b8b1b7f24375e1
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.