Overview

overview

10

Static

static

3

2024-08-17...uk.exe

windows7-x64

1

2024-08-17...uk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-17_97c6a60fefa4429c221934b9aee7ad65_hijackloader_ryuk

  • Size

    1.8MB

  • Sample

    240817-qsva6sxgnd

  • MD5

    97c6a60fefa4429c221934b9aee7ad65

  • SHA1

    eae67a0137a10762b8b9a8be230d48cc90d30a20

  • SHA256

    41a38daa6550fca05253414f95284334bea9f84567a0e03e5ef578318d7b76da

  • SHA512

    f1693b3951b1b9b001cb060d80f25bc67856436800253e4f2992a56ca49a605f0a408d24d94eb5fd95298bde78c0550deae2b39d812c7f963d646fd19299daac

  • SSDEEP

    24576:R6MYyVDJwFO2/Olqy3DqtaXTvSL2eYzxDvmaoCsO1llMEbUlx2az2+:R6NROE36Djg2nxDv1PZ1LTbz8

Score
10/10
azovpersistenceransomwarewiper

Malware Config

Targets

    • Target

      2024-08-17_97c6a60fefa4429c221934b9aee7ad65_hijackloader_ryuk

    • Size

      1.8MB

    • MD5

      97c6a60fefa4429c221934b9aee7ad65

    • SHA1

      eae67a0137a10762b8b9a8be230d48cc90d30a20

    • SHA256

      41a38daa6550fca05253414f95284334bea9f84567a0e03e5ef578318d7b76da

    • SHA512

      f1693b3951b1b9b001cb060d80f25bc67856436800253e4f2992a56ca49a605f0a408d24d94eb5fd95298bde78c0550deae2b39d812c7f963d646fd19299daac

    • SSDEEP

      24576:R6MYyVDJwFO2/Olqy3DqtaXTvSL2eYzxDvmaoCsO1llMEbUlx2az2+:R6NROE36Djg2nxDv1PZ1LTbz8

    Score
    10/10
    azovpersistenceransomwarewiper

    • Azov

      A wiper seeking only damage, first seen in 2022.

      ransomwarewiperazov

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks