fakeav | 8677e9a95de6a9894e5d7e34c0ee8405af0487fa038e588225b2b6a2a17711fe | Triage

Sharing

General

Target

8677e9a95de6a9894e5d7e34c0ee8405af0487fa038e588225b2b6a2a17711fe
Size

7.6MB
Sample

220326-x18bbsgeg4
MD5

02049c450af73bb9fea8d0278d135fe1
SHA1

18f0ca7d59b56f2f9ad196970271212e464ad7a2
SHA256

8677e9a95de6a9894e5d7e34c0ee8405af0487fa038e588225b2b6a2a17711fe
SHA512

edd47b347a0c5a7f6aba1b67a94fc27d5cbd4a72a4d51a9c9c1ec32e133cdb07e6650c50c129161a157d4cecd6fa18b9a100862743d5fa94428d3bb4a64b6b53

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  8677e9a95de6a9894e5d7e34c0ee8405af0487fa038e588225b2b6a2a17711fe
- Size
  
  7.6MB
- MD5
  
  02049c450af73bb9fea8d0278d135fe1
- SHA1
  
  18f0ca7d59b56f2f9ad196970271212e464ad7a2
- SHA256
  
  8677e9a95de6a9894e5d7e34c0ee8405af0487fa038e588225b2b6a2a17711fe
- SHA512
  
  edd47b347a0c5a7f6aba1b67a94fc27d5cbd4a72a4d51a9c9c1ec32e133cdb07e6650c50c129161a157d4cecd6fa18b9a100862743d5fa94428d3bb4a64b6b53
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware