fakeav | a0a8eec6bdc68c5d1b052bb9b75ddf6d187ba52cd7d881c2e40acc75767392e7 | Triage

Sharing

General

Target

a0a8eec6bdc68c5d1b052bb9b75ddf6d187ba52cd7d881c2e40acc75767392e7
Size

711KB
Sample

210511-lmdfp873fs
MD5

e689cd7348b7e16d607a2ee139c9a581
SHA1

2133867dfd6981b404307ff259f68fed9f964efc
SHA256

a0a8eec6bdc68c5d1b052bb9b75ddf6d187ba52cd7d881c2e40acc75767392e7
SHA512

aec795e21cd2cb4d75275ff0bb3b653546b6a7871d23f888db97af9bce3d122546c965dc89a4447e0ea3fa9ba8d1a935e71ad274efefc35e435c0fc4a28b7f4e

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  a0a8eec6bdc68c5d1b052bb9b75ddf6d187ba52cd7d881c2e40acc75767392e7
- Size
  
  711KB
- MD5
  
  e689cd7348b7e16d607a2ee139c9a581
- SHA1
  
  2133867dfd6981b404307ff259f68fed9f964efc
- SHA256
  
  a0a8eec6bdc68c5d1b052bb9b75ddf6d187ba52cd7d881c2e40acc75767392e7
- SHA512
  
  aec795e21cd2cb4d75275ff0bb3b653546b6a7871d23f888db97af9bce3d122546c965dc89a4447e0ea3fa9ba8d1a935e71ad274efefc35e435c0fc4a28b7f4e
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware