
ANY.RUN Releases Expert Malware Analysis on AZORult

DUBAI, DUBAI, UNITED ARAB EMIRATES, September 4, 2024 /EINPresswire.com/ -- ANY.RUN, a leading provider of interactive malware analysis solutions, presents an insightful guest post by malware reverse engineer and threat intelligence analyst, Mostafa ElSheimy. In this comprehensive analysis, Mostafa examines the main functionalities of AZORult, a sophisticated credential and payment card information stealer.

๐‚๐จ๐ฆ๐ฉ๐ซ๐ž๐ก๐ž๐ง๐ฌ๐ข๐ฏ๐ž ๐๐ซ๐ž๐š๐ค๐๐จ๐ฐ๐ง ๐จ๐Ÿ ๐€๐™๐Ž๐‘๐ฎ๐ฅ๐ญโ€™๐ฌ ๐„๐ฏ๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง ๐š๐ง๐ ๐๐ž๐ก๐š๐ฏ๐ข๐จ๐ซ

ElSheimy provides an in-depth look into the evolution of AZORult, tracing its origins from its early development in Delphi to its transition into C++ and the introduction of .bit domain support.

The key findings include:

• Execution of hidden PowerShell commands: AZORult uses PowerShell scripts to execute malicious commands undetected.

• Registry manipulation: AZORult modifies and deletes Windows registry keys, further securing its persistence within the system.

• File dropping: The malware deploys additional payloads, such as Declinometer235.exe, to enhance its functionality and ensure broader system compromise.

• Anti-debugging techniques: It employs techniques such as GetTickCount to detect if it's running in a virtualized environment, helping it avoid detection.

๐–๐ก๐ฒ ๐“๐ก๐ข๐ฌ ๐Œ๐š๐ญ๐ญ๐ž๐ซ๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐๐ซ๐จ๐Ÿ๐ž๐ฌ๐ฌ๐ข๐จ๐ง๐š๐ฅ๐ฌ

For cybersecurity experts, this report serves as a practical guide to understanding malware's strategies and methods, which can be vital for developing countermeasures against this type of threat.

Learn more on ANY.RUN's blog

๐€๐›๐จ๐ฎ๐ญ ๐€๐๐˜.๐‘๐”๐

ANY.RUN assists over 400,000 cybersecurity professionals worldwide with its interactive sandbox solutions, simplifying the analysis of malware targeting both Windows and Linux systems. Our advanced threat intelligence tools, including TI Lookup, YARA Search, and Feeds, help organizations quickly gather Indicators of Compromise (IOCs), understand active threats, and respond faster to incidents.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050
