General
-
Target
9cc801f6c55b11a8875706e087414680N.exe
-
Size
113KB
-
Sample
240822-f1gd6stejl
-
MD5
9cc801f6c55b11a8875706e087414680
-
SHA1
e54f2b78ca88d4b935bb15393e34be09f43bd908
-
SHA256
9cbcc7f42791820ea7ee01c0843c499b2f69632baebc5a6c65f03213d53e2506
-
SHA512
3e231dae293d44c905c51ef1d65bb8e1a13ec1cf56ce8ffbf5fcec1afc0bf7583854a76ad30de1e71b9a7d1b5d02a5f113a27f79f5550e6eecc18e3aa8c4f462
-
SSDEEP
1536:lxhjMDHJeFhvXuhi3ug5BXjQzZ28Tx4rUbu60w2mclxjgDZ9yymsKwEzLwOJqtw8:l242U39sHTx4rd60w2mcQRmdwEtotw8
Static task
static1
Behavioral task
behavioral1
Sample
9cc801f6c55b11a8875706e087414680N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Renames multiple (589) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-