General

  • Target

    11135191670.zip

  • Size

    1.5MB

  • Sample

    231018-pammyaeb6s

  • MD5

    252974df85f04d347a76fd5b87a13e60

  • SHA1

    727be1ba3587332b93ddb8c2463682223ea06c16

  • SHA256

    4931f6e4d65c362743d3233661a08aed3f2161ae7961e17ead74c9288ad8c36b

  • SHA512

    c21e9548d40a5547dd089be64bda236e80e9a68a489215ac93c8d52064dcb513878df4fc7e99184144a5b0ea7a890e3f1a3b338a5c0f72abcc3094d04ef2167a

  • SSDEEP

    24576:HjyR8j7MJ94aYcTsmBwxmMKYCGj7AHl3YPZb/3t6NJtX7Gjhuhzk3TP0TKi7xPkq:T/Q94ansmBSmMMwAFWZb/3kNjX7GVezl

Targets

    • Target

      edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260

    • Size

      3.3MB

    • MD5

      87ad4b692889e604245f3a1d68a916c1

    • SHA1

      f9d836a54bb388c9b46142d20acb919adeeda883

    • SHA256

      edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260

    • SHA512

      c1a67d109e1919f02449ff62f21093de3b30b07d7d4b6a350cf8e6c1bd9eb38e7bc68937d7965c0d84600833f32e471915c01d5d283422e16bf66e0473b2a02e

    • SSDEEP

      49152:J/8gnQYPGTY62jlCui3IA89W4x8n+kKWZXqH+cz4xqA1k5Tgx+/Z:B8gVGuiYA/lHcz4OLh

    • Azov

      A wiper seeking only damage, first seen in 2022.

    • Renames multiple (2535) files with added filename extension

      This suggests ransomware activity: encrypting all of the files on the system.

    • Renames multiple (2895) files with added filename extension

      This suggests ransomware activity: encrypting all of the files on the system.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15