General
-
Target
56a32e80d9f1c670d1b9dd45937bd710N.exe
-
Size
832KB
-
Sample
240817-mesnmstdpp
-
MD5
56a32e80d9f1c670d1b9dd45937bd710
-
SHA1
536752e09e02de530ddcc8976d2e6b8b94299a7b
-
SHA256
306d3fd823f0276d999d040b580ae2bae55c0356b5a92404c56fc8e6594da5d3
-
SHA512
2042b121d874604933acd50fe739e63a5561c9c1fcc7421697c821fa8fc97451b92f45e6241bfae960cfd2d0fc339e94dfef3c11db5f1a49a7f81be94f83c093
-
SSDEEP
12288:+sCnS5+Gm5FORkFvYxDhUAbL/wQus9fD0Ca5ZIXVh5aLz+6WGBUI:ZkVJ0oHPIXVXavrL
Malware Config
Targets
-
-
Target
56a32e80d9f1c670d1b9dd45937bd710N.exe
-
Size
832KB
-
MD5
56a32e80d9f1c670d1b9dd45937bd710
-
SHA1
536752e09e02de530ddcc8976d2e6b8b94299a7b
-
SHA256
306d3fd823f0276d999d040b580ae2bae55c0356b5a92404c56fc8e6594da5d3
-
SHA512
2042b121d874604933acd50fe739e63a5561c9c1fcc7421697c821fa8fc97451b92f45e6241bfae960cfd2d0fc339e94dfef3c11db5f1a49a7f81be94f83c093
-
SSDEEP
12288:+sCnS5+Gm5FORkFvYxDhUAbL/wQus9fD0Ca5ZIXVh5aLz+6WGBUI:ZkVJ0oHPIXVXavrL
Score10/10-
Azov
A wiper seeking only damage, first seen in 2022.
-
Renames multiple (751) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-