Actor(s): The Gorgon Group
AZORult is a credential and payment card information stealer. Among other things, version 2 added support for .bit domains. It has been observed in conjunction with Chthonic and has also been dropped by Ramnit.
2024-09-04
⋅
ANY.RUN
⋅
AZORult Malware: Technical Analysis Azorult |
2024-01-12
⋅
cyble
⋅
Sneaky Azorult Back in Action and Goes Undetected Azorult |
2023-01-30
⋅
Checkpoint
⋅
Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware Agent Tesla Azorult Buer Cerber Cobalt Strike Emotet Formbook HawkEye Keylogger Loki Password Stealer (PWS) Maze NetWire RC Remcos REvil TrickBot |
2022-08-25
⋅
splunk
⋅
AppLocker Rules as Defense Evasion: Complete Analysis Azorult |
2022-08-08
⋅
Medium CSIS Techblog
⋅
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader |
2022-08-02
⋅
Recorded Future
⋅
Initial Access Brokers Are Key to Rise in Ransomware Attacks Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar |
2022-07-13
⋅
KELA
⋅
The Next Generation of Info Stealers Arkei Stealer Azorult BlackGuard Eternity Stealer Ginzo Stealer Mars Stealer MetaStealer Raccoon RedLine Stealer Vidar |
2022-05-10
⋅
Checkpoint
⋅
Info-stealer Campaign targets German Car Dealerships and Manufacturers Azorult BitRAT Raccoon |
2021-12-02
⋅
Cisco
⋅
Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension Azorult RedLine Stealer |
2021-11-29
⋅
Trend Micro
⋅
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos |
2021-10-06
⋅
zimperium
⋅
Malware Distribution with Mana Tools Agent Tesla Azorult |
2021-09-08
⋅
RiskIQ
⋅
Bulletproof Hosting Services: Investigating Flowspec Azorult Glupteba |
2021-09-04
⋅
cocomelonc
⋅
AV engines evasion for C++ simple malware: part 1 4h_rat Azorult BADCALL BadNews BazarBackdoor Cardinal RAT |
2021-08-18
⋅
AhnLab
⋅
Infostealer Malware Azorult Being Distributed Through Spam Mails Azorult |
2021-07-12
⋅
IBM
⋅
RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation 404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos |
2021-07-12
⋅
Cipher Tech Solutions
⋅
RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation 404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos |
2021-04-07
⋅
F5
⋅
Dissecting the Design and Vulnerabilities in Azorult C&C Panels Azorult |
2021-02-15
⋅
Medium s2wlab
⋅
Operation SyncTrek AbaddonPOS Azorult Clop DoppelDridex DoppelPaymer Dridex PwndLocker |
2021-02-06
⋅
Medium mariohenkel
⋅
Decrypting AzoRult traffic for fun and profit Azorult |
2021-02-03
⋅
Medium s2wlab
⋅
W1 Feb| EN | Story of the week: Stealers on the Darkweb Azorult Raccoon Vidar |
2021-01-28
⋅
Youtube (Virus Bulletin)
⋅
The Bagsu banker case Azorult DreamBot Emotet Pony TrickBot ZeusAction |
2021-01-09
⋅
Marco Ramilli's Blog
⋅
Command and Control Traffic Patterns ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot |
2020-12-14
⋅
Blueliv
⋅
Using Qiling Framework to Unpack TA505 packed samples AndroMut Azorult Silence TinyMet |
2020-12-02
⋅
DomainTools
⋅
Identifying Network Infrastructure Related to a World Health Organization Spoofing Campaign Azorult Glupteba |
2020-11-18
⋅
VMRay
⋅
Malware Analysis Spotlight: AZORult Delivered by GuLoader Azorult CloudEyE |
2020-09-29
⋅
Zscaler
⋅
Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East Azorult |
2020-09-02
⋅
Palo Alto Networks Unit 42
⋅
Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers Azorult |
2020-09-01
⋅
nviso
⋅
Epic Manchego – atypical maldoc delivery brings flurry of infostealers Azorult NjRAT |
2020-07-30
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q2 2020 AdWind Agent Tesla Arkei Stealer AsyncRAT Ave Maria Azorult DanaBot Emotet IcedID ISFB KPOT Stealer Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Pony Raccoon RedLine Stealer Remcos Zloader |
2020-06-11
⋅
Talos Intelligence
⋅
Tor2Mine is up to their old tricks — and adds a few new ones Azorult Remcos |
2020-05-21
⋅
Malwarebytes
⋅
Cybercrime tactics and techniques Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC |
2020-04-29
⋅
FR3D.HK
⋅
Gazorp - Thieving from thieves Azorult |
2020-04-15
⋅
Zscaler
⋅
Multistage FreeDom loader used in Aggah Campaign to spread Nanocore and AZORult Azorult Nanocore RAT |
2020-04-13
⋅
Blackberry
⋅
Threat Spotlight: Gootkit Banking Trojan Azorult GootKit |
2020-04-02
⋅
Cisco Talos
⋅
AZORult brings friends to the party Azorult Remcos |
2020-04-01
⋅
Cisco
⋅
Navigating Cybersecurity During a Pandemic: Latest Malware and Threat Actors Azorult CloudEyE Formbook KPOT Stealer Metamorfo Nanocore RAT NetWire RC TrickBot |
2020-03-26
⋅
Telekom
⋅
TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505 |
2020-03-26
⋅
Max Kersten's Blog
⋅
Azorult loader stages Azorult |
2020-02-26
⋅
KELA
⋅
What’s Dead May Never Die: AZORult Infostealer Decommissioned Again Azorult |
2020-02-21
⋅
KELA
⋅
Exploring the Genesis Supply Chain for Fun and Profit: Part 1 – Misadventures in GUIDology Azorult |
2020-02-19
⋅
Team Cymru
⋅
Azorult – what we see using our own tools Azorult |
2020-02-12
⋅
Twitter (@DrStache_)
⋅
Tweet on ManaBotnet Azorult |
2020-02-06
⋅
Prevailion
⋅
The Triune Threat: MasterMana Returns Azorult Loki Password Stealer (PWS) |
2020-02-05
⋅
Cybereason
⋅
The Hole in the Bucket: Attackers Abuse Bitbucket to Deliver an Arsenal of Malware Amadey Azorult Predator The Thief STOP Vidar |
2020-02-03
⋅
SANS ISC
⋅
Analysis of a triple-encrypted AZORult downloader Azorult |
2020-01-27
⋅
Yoroi
⋅
Aggah: How to run a botnet without renting a Server (for more than a year) LokiBot Azorult |
2020-01-22
⋅
The malware analyst’s guide to PE timestamps Azorult Gozi IcedID ISFB LOLSnif SUNBURST TEARDROP |
2020-01-19
⋅
360
⋅
BayWorld event, Cyber Attack Against Foreign Trade Industry Azorult Formbook Nanocore RAT Revenge RAT |
2019-09-26
⋅
Proofpoint
⋅
New WhiteShadow downloader uses Microsoft SQL to retrieve malware WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos |
2019-09-24
⋅
Yoroi
⋅
APT or not APT? What's Behind the Aggah Campaign Azorult |
2019-08-10
⋅
Check Point
⋅
SELECT code_execution FROM * USING SQLite; Azorult Loki Password Stealer (PWS) Pony |
2019-07-11
⋅
InfoSec Handlers Diary Blog
⋅
Recent AZORult activity Azorult |
2019-06-04
⋅
Cylance
⋅
Threat Spotlight: Analyzing AZORult Infostealer Malware Azorult |
2019-03-22
⋅
Kaspersky Labs
⋅
AZORult++: Rewriting history Azorult |
2019-02-07
⋅
Blueliv
⋅
Sales of AZORult grind to an AZOR-halt Azorult |
2019-01-28
⋅
Minerva Labs
⋅
AZORult: Now, as A Signed “Google Update” Azorult |
2018-10-17
⋅
Check Point
⋅
The Emergence of the New Azorult 3.3 Azorult |
2018-08-18
⋅
Bleeping Computer
⋅
AZORult Trojan Serving Aurora Ransomware by MalActor Oktropys Aurora Azorult |
2018-07-30
⋅
Proofpoint
⋅
New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign Azorult Hermes |
2018-05-17
⋅
Minerva Labs
⋅
Analyzing an AZORult Attack – Evasion in a Cloak of Multiple Layers Azorult |
2017-11-12
⋅
Seamless Campaign Delivers Ramnit via RIG EK at 188.225.82.158. Follow-up Malware is AZORult Stealer. Azorult |
2017-07-24
⋅
Malware Breakdown
⋅
The Seamless Campaign Drops Ramnit. Follow-up Malware: AZORult Stealer, Smoke Loader, etc. Azorult |
2017-07-24
⋅
Vitali Kremez Blog
⋅
Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2' Azorult |
2016-07-26
⋅
Proofpoint
⋅
Threat Actors Using Legitimate PayPal Accounts To Distribute Chthonic Banking Trojan Azorult Chthonic |