fakeav | 39105f14c1ee7da7d72358a26cfe0f09fd4502a2b00b1f4e56558a64549cdf8a | Triage

Sharing

General

Target

cae501a827511befbaf235b41cac610f
Size

4.9MB
Sample

201214-226a6ekkj2
MD5

cae501a827511befbaf235b41cac610f
SHA1

ed81b0b21826e8ec6290df4dd0baa8f0a7a06a71
SHA256

39105f14c1ee7da7d72358a26cfe0f09fd4502a2b00b1f4e56558a64549cdf8a
SHA512

c4a1608a8d1296ee8017ef99178fb991a0ffa3c74f37388f19a9d0c671c894b01193ff1b1cdd4d0608f9d8e10ee971a7d9881a71a0c9f0c9c679573d5930d084

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  cae501a827511befbaf235b41cac610f
- Size
  
  4.9MB
- MD5
  
  cae501a827511befbaf235b41cac610f
- SHA1
  
  ed81b0b21826e8ec6290df4dd0baa8f0a7a06a71
- SHA256
  
  39105f14c1ee7da7d72358a26cfe0f09fd4502a2b00b1f4e56558a64549cdf8a
- SHA512
  
  c4a1608a8d1296ee8017ef99178fb991a0ffa3c74f37388f19a9d0c671c894b01193ff1b1cdd4d0608f9d8e10ee971a7d9881a71a0c9f0c9c679573d5930d084
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware