

Rewterz Threat Alert – ZxShell RAT – Active IOCs
December 27, 2022
Rewterz Threat Alert – SmokeLoader Malware – Active IOCs
December 27, 2022
Severity
Medium
Analysis Summary
AZORult is an information stealer that was discovered in 2016. It steals IDs, browsing history, cookies, passwords, bitcoin, and other information. AZORult also serves as a malware downloader, and it was advertised on Russian underground forums as a way to extract sensitive data from compromised computers. Phishing emails and the Fallout Exploit Kit (EK), in combination with social engineering tactics, are the primary infection vectors for AZORult. The malware can also act as a loader, allowing more malware to be downloaded.
Impact
- Information Theft
- Credential Theft
- Exposure of Sensitive Data
Indicators of Compromise
MD5
- 3b11e428baee5fae558244ce8c886703
SHA-256
- 0d10e51797d96cd41966ab3218c4fe8972beca2de0ec688c2b31cd6061953945
SHA-1
- 27c167d409b8b4b0d9ed240042a4e768f5ff107e
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.