Overview

overview

10

Static

static

e400a84a81...5f.exe

windows7-x64

10

e400a84a81...5f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e400a84a81d2138cfafbad78402f58314e6a77f61926c4fc5d8f64e324492e5f

  • Size

    182KB

  • Sample

    221114-fc5f4aeh24

  • MD5

    3d766dc63e36acdc22c25dace038da8d

  • SHA1

    cd4c1135b0aef67540d04c9ef8c6f612a1e09c91

  • SHA256

    e400a84a81d2138cfafbad78402f58314e6a77f61926c4fc5d8f64e324492e5f

  • SHA512

    7e977d0bc1dc1dbfd94f459bd3b4ff1fb2f4615a963fd242bb1e46490ab238af07d435cdb86ef2b712d0d7e4c9a6af4bea99678e03c8348fdfbe6a7cc7650221

  • SSDEEP

    3072:tuTO4rRZi5IvXZmG4yXscjsU39/q+ZDPUEMTlqYpbEX/auDMY7SlV/wtRXR5ck3r:tkZyIvJmG4iSs9tZDPFMTR05u4RXb53r

Score
10/10
azovpersistenceransomwarespywarestealerwiper

Malware Config

Targets

    • Target

      e400a84a81d2138cfafbad78402f58314e6a77f61926c4fc5d8f64e324492e5f

    • Size

      182KB

    • MD5

      3d766dc63e36acdc22c25dace038da8d

    • SHA1

      cd4c1135b0aef67540d04c9ef8c6f612a1e09c91

    • SHA256

      e400a84a81d2138cfafbad78402f58314e6a77f61926c4fc5d8f64e324492e5f

    • SHA512

      7e977d0bc1dc1dbfd94f459bd3b4ff1fb2f4615a963fd242bb1e46490ab238af07d435cdb86ef2b712d0d7e4c9a6af4bea99678e03c8348fdfbe6a7cc7650221

    • SSDEEP

      3072:tuTO4rRZi5IvXZmG4yXscjsU39/q+ZDPUEMTlqYpbEX/auDMY7SlV/wtRXR5ck3r:tkZyIvJmG4iSs9tZDPFMTR05u4RXb53r

    Score
    10/10
    azovpersistenceransomwarespywarestealerwiper

    • Azov

      A wiper seeking only damage, first seen in 2022.

      ransomwarewiperazov

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks