Resubmissions

  • 28-01-2023 12:33
    230128-prdrcseg74 (score 10)

  • 04-11-2022 19:27
    221104-x6fhhaace9 (score 10)

General

  • Target

    268f9c1a9cc445a6f2afe21100702e14e69c7d1ed127bfe930628ecc8496badb.exe

  • Size

    604KB

  • Sample

    230128-prdrcseg74

  • MD5

    6d07a0f61db6488b2869010fc78d8bb7

  • SHA1

    93204c59552bb6cfd657ba6cec35714cc4f05bca

  • SHA256

    268f9c1a9cc445a6f2afe21100702e14e69c7d1ed127bfe930628ecc8496badb

  • SHA512

    accca6ad61f6b07a050df1a90cfd9603a2eca13a601583b6b4035f835a0910c5bc8c88bcbc5d336c167d8de76d5b02207581b1c0e8529a71f0a232c8a0ddf811

  • SSDEEP

    12288:PPHUYiQkXzrFdSs9R2E18xG+yKXAETJk+:n0x7zj2EWxG7KXBTF

Malware Config

Targets

    • Azov

      A wiper seeking only damage, first seen in 2022.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run key so the executable is launched again at logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
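The two behaviours listed above (a Run-key write for persistence, T1060 in the ATT&CK v6 numbering this report uses, T1547.001 in current ATT&CK) are the ones a defender can most easily pick out of host telemetry. The following is an added example, not part of the sandbox report and not code from the sample: a small detection routine over Sysmon-style "Registry value set" (Event ID 13) records. The records are constructed inline for the example, the field names assume Sysmon's schema, and the "trusted directory" severity heuristic is an assumption of this example, not something the report states.

```python
import re
from dataclasses import dataclass

# Constructed Sysmon-style Event ID 13 (RegistryEvent: Value Set) records.
# Illustrative only; these are not events from the sandbox run on this page.
SAMPLE_EVENTS = [
    {   # Run value pointing at a user-writable directory: the persistence pattern flagged above
        "EventID": 13,
        "Image": r"C:\Users\user\Desktop\268f9c1a9cc445a6f2afe21100702e14e69c7d1ed127bfe930628ecc8496badb.exe",
        "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
        "Details": r"C:\Users\user\AppData\Local\Temp\updater.exe",
    },
    {   # Registry write by explorer.exe that is not an autostart location: must not be flagged
        "EventID": 13,
        "Image": r"C:\Windows\explorer.exe",
        "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
        "Details": "DWORD (0x00000001)",
    },
    {   # RunOnce value written by an installer under Program Files: flagged, but low severity
        "EventID": 13,
        "Image": r"C:\Program Files\Vendor\setup.exe",
        "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\VendorSetup",
        "Details": r"C:\Program Files\Vendor\app.exe /finish",
    },
    {   # Event ID 12 (key created/deleted) carries no value data: ignored by this check
        "EventID": 12,
        "Image": r"C:\Windows\regedit.exe",
        "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    },
]

# Autostart keys under ...\CurrentVersion\ in either the HKLM or HKU hive.
RUN_KEY_RE = re.compile(
    r"\\CurrentVersion\\(Run|RunOnce|RunOnceEx|RunServices|RunServicesOnce)\\",
    re.IGNORECASE,
)

# Assumed heuristic: an autostart target under Windows or Program Files is less
# suspicious than one under a user-writable path such as AppData or Temp.
TRUSTED_DIR_RE = re.compile(r"^[A-Z]:\\(Windows|Program Files( \(x86\))?)\\", re.IGNORECASE)


@dataclass
class Finding:
    technique: str   # ATT&CK v6 ID, matching the matrix in this report
    severity: str    # "high" or "low" from the trusted-directory heuristic
    image: str       # process that wrote the value
    target: str      # full registry path of the value
    details: str     # value data (the command that will run at logon)


def first_path(details):
    """Return the executable path at the start of a Run value's command line.

    Handles a quoted path ("C:\\a b\\x.exe" /arg), an unquoted path containing
    spaces (C:\\a b\\x.exe /arg) by cutting after '.exe', and a bare token.
    """
    details = details.strip()
    if details.startswith('"'):
        end = details.find('"', 1)
        return details[1:end] if end > 0 else details[1:]
    m = re.search(r"\.exe\b", details, re.IGNORECASE)
    if m:
        return details[: m.end()]
    return details.split(" ", 1)[0]


def find_run_key_persistence(events):
    """Flag Event ID 13 records that set a value under an autostart Run key."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        target = ev.get("TargetObject", "")
        if not RUN_KEY_RE.search(target):
            continue
        details = ev.get("Details", "")
        exe = first_path(details)
        severity = "low" if TRUSTED_DIR_RE.match(exe) else "high"
        findings.append(Finding("T1060", severity, ev.get("Image", ""), target, details))
    return findings


if __name__ == "__main__":
    for f in find_run_key_persistence(SAMPLE_EVENTS):
        print(f"[{f.severity}] {f.technique} {f.image} -> {f.target} = {f.details}")
```

The severity split is only a triage aid: an attacker can write a Run value that points into Program Files just as easily, so the "low" bucket should still be reviewed, and the image that wrote the value (here, the sample itself running from the desktop) is usually the stronger signal than the path it points at.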

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder (T1060): 1 signature

Defense Evasion

  • Modify Registry (T1112): 2 signatures

Discovery

  • Query Registry (T1012): 3 signatures

  • Peripheral Device Discovery (T1120): 1 signature

  • System Information Discovery (T1082): 3 signatures

Tasks