General

  • Target

    a4a6ee276fc98d6735f34c917bdfbbf5c7d4b955e6f1ce1b03505509b408e4fc.exe

  • Size

    3.7MB

  • Sample

    221113-symjmabe62

  • MD5

    c84978a220b2b871198a3db451615500

  • SHA1

    b3849898825e31ca9786f452934a9e40eba0bc56

  • SHA256

    a4a6ee276fc98d6735f34c917bdfbbf5c7d4b955e6f1ce1b03505509b408e4fc

  • SHA512

    d7211c095b27b948344fae05735722bf69cfd18c2d1bff8a3613bc48792985f0eea2a094a8b6aaee2caa3b31e6294bfd73b66aed2294cc65fa65e375c8e750b4

  • SSDEEP

    49152:el7YUljH6Y0Fj33lRzgFLeUpO8VfTFZ1bBzP7n1Y8/17MVfw1QSXm+RFvTCr9lt1:e1OkfTFFqRlw6a+91

Targets

    • Target

      a4a6ee276fc98d6735f34c917bdfbbf5c7d4b955e6f1ce1b03505509b408e4fc.exe

    • Azov

      A wiper seeking only damage, first seen in 2022.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 2
