General

  • Target

    c4848708844b01858c9fe048ad71b539c1e1847b8aa4198af84d407626880e3a.exe

  • Size

    2.7MB

  • Sample

    221114-fah53seg78

  • MD5

    2dd2da6788422bc0a1b61b002cb18a01

  • SHA1

    ec7d2a30671a4f85bb3d1f5c5e52629927044221

  • SHA256

    c4848708844b01858c9fe048ad71b539c1e1847b8aa4198af84d407626880e3a

  • SHA512

    d41e58da5d49e3b13fb4bd7486fbf65604690095a8d72ba87df4bec2c5c2f4bf6217eade2a5a228c8e8a7da8b65cafe96ff0dadfb5e373a6237551a44f6d1390

  • SSDEEP

    49152:HarJjhK89t3TPb+jVTCISg30AinLtivJGHfAuOp6mSlFr6PTaaxhot7l:H+3mBvZinLtebma767l

Malware Config

Targets

    • Target

      c4848708844b01858c9fe048ad71b539c1e1847b8aa4198af84d407626880e3a.exe

    • Azov

      A destructive wiper, first seen in 2022, whose only goal is damage; there is no ransom or recovery path.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens. For a wiper this signature is usually a side effect of walking the user profile rather than evidence of exfiltration.

    • Adds Run key to start application

      Registry Run-key persistence; the sandbox does not list the value name or path here.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive, which for a wiper is how it finds additional volumes to destroy.
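The hash set above is the part of this report that is directly actionable. The following scanner, added here as an example and not taken from the sandbox or from the malware, fingerprints files with all four algorithms the report lists and classifies each file as a clean, full, or partial match against those values. A partial match (some digests agree, others do not) should be treated as a transcription error or tampering and investigated rather than ignored. The SSDEEP line is not used because fuzzy hashing needs the third-party ssdeep library; the directory sweep and its helper names are assumptions for this example.

```python
"""Sweep a directory tree for the Azov sample described in the report above.

Added example; the IoC values are copied from the report, everything else is
assumed for illustration.
"""
import hashlib
import io
from pathlib import Path

# Digests copied verbatim from the report's General section.
AZOV_IOCS = {
    "md5": "2dd2da6788422bc0a1b61b002cb18a01",
    "sha1": "ec7d2a30671a4f85bb3d1f5c5e52629927044221",
    "sha256": "c4848708844b01858c9fe048ad71b539c1e1847b8aa4198af84d407626880e3a",
    "sha512": (
        "d41e58da5d49e3b13fb4bd7486fbf65604690095a8d72ba87df4bec2c5c2f4bf"
        "6217eade2a5a228c8e8a7da8b65cafe96ff0dadfb5e373a6237551a44f6d1390"
    ),
}

CHUNK_SIZE = 1 << 20  # read 1 MiB at a time so large files do not load into memory


def fingerprint_stream(stream) -> dict:
    """Hash a binary stream once, feeding every chunk to all four algorithms."""
    hashers = {name: hashlib.new(name) for name in AZOV_IOCS}
    for chunk in iter(lambda: stream.read(CHUNK_SIZE), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def fingerprint_bytes(data: bytes) -> dict:
    return fingerprint_stream(io.BytesIO(data))


def fingerprint_file(path) -> dict:
    with open(path, "rb") as f:
        return fingerprint_stream(f)


def classify(fp: dict, iocs: dict = AZOV_IOCS) -> tuple:
    """Return (verdict, matched_algorithms).

    verdict is "match" when every digest agrees, "clean" when none does, and
    "partial" when only some do. A partial result means either the IoC list was
    copied wrongly or someone is trying to game a single weak hash; never treat
    it as clean.
    """
    matched = [
        name for name in iocs
        if fp.get(name, "").lower() == iocs[name].lower()
    ]
    if not matched:
        return "clean", matched
    if len(matched) == len(iocs):
        return "match", matched
    return "partial", matched


def sweep(root, iocs: dict = AZOV_IOCS) -> list:
    """Walk a directory and return (path, verdict, matched) for every file."""
    results = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            verdict, matched = classify(fingerprint_file(path), iocs)
        except OSError as exc:  # locked or unreadable file: record, do not abort
            results.append((str(path), f"error: {exc}", []))
            continue
        results.append((str(path), verdict, matched))
    return results


if __name__ == "__main__":
    import sys

    for path, verdict, matched in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        if verdict != "clean":
            print(f"{verdict:8} {path}  ({', '.join(matched) or '-'})")
```

Run it against a quarantine share or a mounted disk image (`python sweep.py /mnt/evidence`); only non-clean files are printed. Because the SHA512 alone is already collision-resistant, the value of carrying all four digests is that a mismatch between them exposes a bad IoC copy before it silently produces false negatives.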

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic             Technique                             Hits  ID
  Persistence        Registry Run Keys / Startup Folder    1     T1060
  Defense Evasion    Modify Registry                       1     T1112
  Credential Access  Credentials in Files                  1     T1081
  Discovery          Query Registry                        2     T1012
  Discovery          Peripheral Device Discovery           1     T1120
  Discovery          System Information Discovery          2     T1082
  Collection         Data from Local System                1     T1005

  Hits is the number of sandbox signatures mapped to each technique. The IDs are ATT&CK v6 identifiers: T1060 and T1081 were retired in v7 and now correspond to T1547.001 (Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder) and T1552.001 (Unsecured Credentials: Credentials In Files); the other IDs are unchanged in current ATT&CK versions.

Tasks