General

  • Target

    57182abead5ca69b6e550ab6940b94d0N.exe

  • Size

    832KB

  • Sample

    240822-y8gzsawela

  • MD5

    57182abead5ca69b6e550ab6940b94d0

  • SHA1

    9d396e1e22a1ff42001fbd79ef85b90749520680

  • SHA256

    119c50a191aec17334135912bc419e96bea3d62a191dabef37d1d30ee1ddc9ea

  • SHA512

    efc6a08d807d25a3473bd0ae2b3df8e56febf9707c12b854e9fdb1bd0da1e9dae08259d0aad5b464cef3815d9b87c6797beb264b94065a6efe7d2ca2425722ad

  • SSDEEP

    12288:NZClha+Oj5pGcDWS4RqhUA0B/wUws90D0Ca5ZIXVUfOeNMWxXZzvmeQLsZlRXwI5:z4guXowPIXV9BMZzmeQLsjRXwI5

Targets

    • Target

      57182abead5ca69b6e550ab6940b94d0N.exe

    • Azov

      A wiper seeking only damage, first seen in 2022.

    • Renames multiple (1571) files with an added filename extension

      This suggests ransomware activity: the sample appears to be encrypting files across the system and appending an extension to each one.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15
