fakeav | 5da36b0d9e9c193a1ff7d1480d78e4e948ba0ec4c52a87d9c95966c5779e0643

General

Target

5da36b0d9e9c193a1ff7d1480d78e4e948ba0ec4c52a87d9c95966c5779e0643
Size

724KB
Sample

210513-pzf7phr4vs
MD5

6b8df6ed598c7b0e26d1d1e005226240
SHA1

c0bc28643bc8b11102e03993607da40366ce1257
SHA256

5da36b0d9e9c193a1ff7d1480d78e4e948ba0ec4c52a87d9c95966c5779e0643
SHA512

1a2f84a1260039d6846992221563729877186de078dbe59efcd12772dc77f95890db9860c276cf191db14a06cdbb90a87204f304f0d0b44611802fec3ba6633a

Score

10^/10

Malware Config

Targets

- Target
  
  5da36b0d9e9c193a1ff7d1480d78e4e948ba0ec4c52a87d9c95966c5779e0643
- Size
  
  724KB
- MD5
  
  6b8df6ed598c7b0e26d1d1e005226240
- SHA1
  
  c0bc28643bc8b11102e03993607da40366ce1257
- SHA256
  
  5da36b0d9e9c193a1ff7d1480d78e4e948ba0ec4c52a87d9c95966c5779e0643
- SHA512
  
  1a2f84a1260039d6846992221563729877186de078dbe59efcd12772dc77f95890db9860c276cf191db14a06cdbb90a87204f304f0d0b44611802fec3ba6633a
Score

10^/10

fakeav xmrig fakeav miner persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- FakeAV payload
  fakeav spyware
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

2

T1060

Privilege Escalation

Defense Evasion

Modify Registry

2

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

FakeAV, RogueAntivirus

xmrig

FakeAV payload

Executes dropped EXE

Sets file execution options in registry

Loads dropped DLL

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

We care about your privacy.