AZORult

References:
  • New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign - 2018-07-30 - Proofpoint - Proofpoint Staff AZORult
  • More Reading:

  • Threat Actors Using Legitimate PayPal Accounts To Distribute Chthonic Banking Trojan - 2016-07-26 - Proofpoint - Proofpoint Staff Chthonic AZORult
  • WinRAR Zero-day Abused in Multiple Campaigns - 2019-03-26 - FireEye - Dileep Kumar Jallepalli Netwire CVE-2018-20250 AZORult Quasar
  • Head Fake: Tackling Disruptive Ransomware Attacks - 2019-10-01 - FireEye - Bryce Abdo - Brandan Schondorfer - Kareem Hamdan - Kimberly Goody - Noah Klapprodt - Matt Bromiley BitPaymer SocGholish Dridex Chthonic AZORult