fakeav | 265e851c177d5611ea0b3bef02daa90097d01a6ea9ca4fff2d5e53910f1c8210 | Triage

Sharing

General

Target

265e851c177d5611ea0b3bef02daa90097d01a6ea9ca4fff2d5e53910f1c8210
Size

711KB
Sample

220309-k4j2pafhd5
MD5

019df4b47b24bf50e7022a174f12d75e
SHA1

f86f09b6084b65169f7c202545641bc7e40da256
SHA256

265e851c177d5611ea0b3bef02daa90097d01a6ea9ca4fff2d5e53910f1c8210
SHA512

43faf9de352c9e7ec92f242d18336a8649603e95c15ceadfe22ef7da6f55e3464b7e056303282faea8f012f2f6b9d33ecde7785bca4883038842aacbb40b495d

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  265e851c177d5611ea0b3bef02daa90097d01a6ea9ca4fff2d5e53910f1c8210
- Size
  
  711KB
- MD5
  
  019df4b47b24bf50e7022a174f12d75e
- SHA1
  
  f86f09b6084b65169f7c202545641bc7e40da256
- SHA256
  
  265e851c177d5611ea0b3bef02daa90097d01a6ea9ca4fff2d5e53910f1c8210
- SHA512
  
  43faf9de352c9e7ec92f242d18336a8649603e95c15ceadfe22ef7da6f55e3464b7e056303282faea8f012f2f6b9d33ecde7785bca4883038842aacbb40b495d
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware