Overview

overview

10

Static

static

cfe9b79faf...9d.exe

windows7-x64

10

cfe9b79faf...9d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfe9b79faf455e5ba96d1949d24af3bc4ea4671ade277df1a9674ab538c62c9d.exe

  • Size

    110KB

  • Sample

    221117-hh2y9shg91

  • MD5

    914bcab4e777c2b32b7563edf0b6a7aa

  • SHA1

    eee78956f52218bec8f46b2692722a00f84dafba

  • SHA256

    cfe9b79faf455e5ba96d1949d24af3bc4ea4671ade277df1a9674ab538c62c9d

  • SHA512

    8a0e5534721bedae89c738fcc43b543accb33385319ece5b9c5fd08677790392d9f89e99110462ede0575672588a395a7309e5c792d13795908228095fc858ab

  • SSDEEP

    3072:3jrvCU39gkTx4rVKPwo1YHYi3Avf3LVHoX5P5bsl0n3wX2b5RG9ru:3jjCs9MJouHFA3JoXdmy3YcUu

Score
10/10
azovpersistenceransomwarespywarestealerwiper

Malware Config

Targets

    • Target

      cfe9b79faf455e5ba96d1949d24af3bc4ea4671ade277df1a9674ab538c62c9d.exe

    • Size

      110KB

    • MD5

      914bcab4e777c2b32b7563edf0b6a7aa

    • SHA1

      eee78956f52218bec8f46b2692722a00f84dafba

    • SHA256

      cfe9b79faf455e5ba96d1949d24af3bc4ea4671ade277df1a9674ab538c62c9d

    • SHA512

      8a0e5534721bedae89c738fcc43b543accb33385319ece5b9c5fd08677790392d9f89e99110462ede0575672588a395a7309e5c792d13795908228095fc858ab

    • SSDEEP

      3072:3jrvCU39gkTx4rVKPwo1YHYi3Avf3LVHoX5P5bsl0n3wX2b5RG9ru:3jjCs9MJouHFA3JoXdmy3YcUu

    Score
    10/10
    azovpersistenceransomwarespywarestealerwiper

    • Azov

      A wiper seeking only damage, first seen in 2022.

      ransomwarewiperazov

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks