General

  • Target

    2ed6d5db8184d721b6b754cb84515b92

  • Size

    1.4MB

  • Sample

    201214-sc91ahlh2x

  • MD5

    2ed6d5db8184d721b6b754cb84515b92

  • SHA1

    1fedafcf4c2a5b64162c36fa72dd989910ced538

  • SHA256

    46cf39181488c677646999d0c3a85a3787ff2df4c78469bfcdd1358ea809343e

  • SHA512

    3535b719a771c37c659dead622ec3945cfb1e16360d4813b7977514637e1fb09c92b5b05f3fd1f892d860e34ad4b413397e8122977db897d3417f56fd6c12b4f

Malware Config

Targets

    • Target

      2ed6d5db8184d721b6b754cb84515b92

    • Size

      1.4MB

    • MD5

      2ed6d5db8184d721b6b754cb84515b92

    • SHA1

      1fedafcf4c2a5b64162c36fa72dd989910ced538

    • SHA256

      46cf39181488c677646999d0c3a85a3787ff2df4c78469bfcdd1358ea809343e

    • SHA512

      3535b719a771c37c659dead622ec3945cfb1e16360d4813b7977514637e1fb09c92b5b05f3fd1f892d860e34ad4b413397e8122977db897d3417f56fd6c12b4f

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks