Overview

overview

10

Static

static

10

f5f61b6cee...c7.exe

windows7_x64

10

f5f61b6cee...c7.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5f61b6cee1ab14f9523693c40fd9fc7

  • Size

    8.3MB

  • Sample

    201214-s6p92xkpae

  • MD5

    f5f61b6cee1ab14f9523693c40fd9fc7

  • SHA1

    b3c721662992337db0c77900d5910dea79b5cbcb

  • SHA256

    607a0eef8ef12194a75812f2ab4f20f23d7ca4db043957af6970f359895fd665

  • SHA512

    ab1c42c9419d24672d1138982fdb3eeb13b948aaea2786bcdddb5631780cf21ac8b5fb0cb3b399c0faf23d64c85237f8b7a96aaf87481aef1170c098bc4f911e

Score
10/10
fakeavfakeavpersistencespyware

Malware Config

Targets

    • Target

      f5f61b6cee1ab14f9523693c40fd9fc7

    • Size

      8.3MB

    • MD5

      f5f61b6cee1ab14f9523693c40fd9fc7

    • SHA1

      b3c721662992337db0c77900d5910dea79b5cbcb

    • SHA256

      607a0eef8ef12194a75812f2ab4f20f23d7ca4db043957af6970f359895fd665

    • SHA512

      ab1c42c9419d24672d1138982fdb3eeb13b948aaea2786bcdddb5631780cf21ac8b5fb0cb3b399c0faf23d64c85237f8b7a96aaf87481aef1170c098bc4f911e

    Score
    10/10
    fakeavfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks