fakeav | 3373a475059937c39324739d8587d5b5d39120fe3c07b12e6aa4429b6b825e5e | Triage

Sharing

General

Target

3373a475059937c39324739d8587d5b5d39120fe3c07b12e6aa4429b6b825e5e
Size

711KB
Sample

210509-dd9j9rlj1x
MD5

fdf3bf82f3fb4eb6a2d78356a959da52
SHA1

c112b9c11202fcb8ff3473c8f289263fef679c95
SHA256

3373a475059937c39324739d8587d5b5d39120fe3c07b12e6aa4429b6b825e5e
SHA512

cd45500440903fc67adab3cce50eadb13ef832e644f5747bcf61f319989ea3b10f4d782ab35b22286d253f8abcdcff62a7a5d4b3383869303752dcbd67706b5a

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  3373a475059937c39324739d8587d5b5d39120fe3c07b12e6aa4429b6b825e5e
- Size
  
  711KB
- MD5
  
  fdf3bf82f3fb4eb6a2d78356a959da52
- SHA1
  
  c112b9c11202fcb8ff3473c8f289263fef679c95
- SHA256
  
  3373a475059937c39324739d8587d5b5d39120fe3c07b12e6aa4429b6b825e5e
- SHA512
  
  cd45500440903fc67adab3cce50eadb13ef832e644f5747bcf61f319989ea3b10f4d782ab35b22286d253f8abcdcff62a7a5d4b3383869303752dcbd67706b5a
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware