fakeav | 22733741e922f58fda7fa8f881eba16876fa1b1810dbee6f0620922be18ee522 | Triage

Sharing

General

Target

22733741e922f58fda7fa8f881eba16876fa1b1810dbee6f0620922be18ee522
Size

711KB
Sample

210504-jnay6rt4ej
MD5

207167bc91be4c458b4a77c11f3feb13
SHA1

134f4245b2905d39acc68f9cceafec9c3ee95a93
SHA256

22733741e922f58fda7fa8f881eba16876fa1b1810dbee6f0620922be18ee522
SHA512

c733a2c80f26b0e3d2ee34ea96be3c202864a8cd94fa406d022d83abfc5d7902c3a3290df7f7a5ced83c5e74cb1b221029d9f9cd02a76bcd6a8c7df4b1ba86c0

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  22733741e922f58fda7fa8f881eba16876fa1b1810dbee6f0620922be18ee522
- Size
  
  711KB
- MD5
  
  207167bc91be4c458b4a77c11f3feb13
- SHA1
  
  134f4245b2905d39acc68f9cceafec9c3ee95a93
- SHA256
  
  22733741e922f58fda7fa8f881eba16876fa1b1810dbee6f0620922be18ee522
- SHA512
  
  c733a2c80f26b0e3d2ee34ea96be3c202864a8cd94fa406d022d83abfc5d7902c3a3290df7f7a5ced83c5e74cb1b221029d9f9cd02a76bcd6a8c7df4b1ba86c0
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware