General

  • Target: b90d7c57236586712d875cbb9ddb0e5f40a449886d367e17d05f3a8640469e39.exe
  • Size: 664KB
  • Sample: 221113-sy8f4aeg4t
  • MD5: c4e7ddc4f4de56d81cb9a1155b427cc0
  • SHA1: c6457b8e4d2a1c5665c1aa03b0e4c47ac8f01c67
  • SHA256: b90d7c57236586712d875cbb9ddb0e5f40a449886d367e17d05f3a8640469e39
  • SHA512: cf9cdc6b44b719ada064cfbdb1a4cb8e51cdfa2d3661a116972ea385d34d28bfc988c666bb72c360fe499b347213f745f5a5ec17af79bdddfdf6b7cc0da83354
  • SSDEEP: 12288:ts9rzdzSoCU5qJSr1eDgUj2EBERrfa/gcAKHUzTshcLuPFGhAq:WVSoCU5qJSr1eDguWRrfa/gcveTTKPFi

Malware Config

Targets

    • Target: b90d7c57236586712d875cbb9ddb0e5f40a449886d367e17d05f3a8640469e39.exe
    • Size: 664KB
    • MD5: c4e7ddc4f4de56d81cb9a1155b427cc0
    • SHA1: c6457b8e4d2a1c5665c1aa03b0e4c47ac8f01c67
    • SHA256: b90d7c57236586712d875cbb9ddb0e5f40a449886d367e17d05f3a8640469e39
    • SHA512: cf9cdc6b44b719ada064cfbdb1a4cb8e51cdfa2d3661a116972ea385d34d28bfc988c666bb72c360fe499b347213f745f5a5ec17af79bdddfdf6b7cc0da83354
    • SSDEEP: 12288:ts9rzdzSoCU5qJSr1eDgUj2EBERrfa/gcAKHUzTshcLuPFGhAq:WVSoCU5qJSr1eDguWRrfa/gcveTTKPFi

    • Azov
      A wiper seeking only damage, first seen in 2022.
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.
    • Adds Run key to start application
    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic              Technique                            Hits  ID
Persistence         Registry Run Keys / Startup Folder   1     T1060
Defense Evasion     Modify Registry                      1     T1112
Credential Access   Credentials in Files                 1     T1081
Discovery           Query Registry                       1     T1012
Discovery           Peripheral Device Discovery          1     T1120
Discovery           System Information Discovery         1     T1082
Collection          Data from Local System               1     T1005
