General

  • Target

    e8dafd116fe40dbe118aaf2ef5fa3d663f7357959b650b69d99d045712fb1d6f.exe

  • Size

    182KB

  • Sample

    221114-fbnryseg87

  • MD5

    923acbae09c25d3220856c8c743e16cf

  • SHA1

    eb7d58b4b4054439adbd7419ffb691c9f8700de8

  • SHA256

    e8dafd116fe40dbe118aaf2ef5fa3d663f7357959b650b69d99d045712fb1d6f

  • SHA512

    3d2a8aa31669b25f726e36a92102afb378baa4d3aa685bf158cecd9b49432ceabad45571a798744349f6a8f2f5a93dc3f9fb5cc41f81cea10e5655f1a299ae6d

  • SSDEEP

    3072:tuTO4rRZiF+vXzmGmBXscjDU39dq+ZDPUEMTlqeiNiptkB0CugSanI:tkZ++vDmGm1ts9PZDPFMTni8ts0CnJI

Malware Config

Targets

    • Target

      e8dafd116fe40dbe118aaf2ef5fa3d663f7357959b650b69d99d045712fb1d6f.exe

    • Azov

      A wiper seeking only damage, first seen in 2022.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder, T1060 (1)

  • Defense Evasion

    Modify Registry, T1112 (1)

  • Discovery

    Query Registry, T1012 (1)

    Peripheral Device Discovery, T1120 (1)

    System Information Discovery, T1082 (1)

Tasks