fakeav | 1753e113812f9b0000c6874c7a7225217fa9a40f25e0b0a0309e3e46ed0e5e00 | Triage

Sharing

General

Target

1753e113812f9b0000c6874c7a7225217fa9a40f25e0b0a0309e3e46ed0e5e00
Size

711KB
Sample

220508-f7hktagca4
MD5

0002d90525a914df059de1b20b05f003
SHA1

058991c410a1c2431195025d53dfe98200c44938
SHA256

1753e113812f9b0000c6874c7a7225217fa9a40f25e0b0a0309e3e46ed0e5e00
SHA512

d1d4e61bee1d3be9fa35af8406c37c6707819d1392c4c3f08099aa07679e8292a62840f93a7491e5e526c598ecba7ebe73d7bb5c67ac1827bfc3993c89b508d7

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  1753e113812f9b0000c6874c7a7225217fa9a40f25e0b0a0309e3e46ed0e5e00
- Size
  
  711KB
- MD5
  
  0002d90525a914df059de1b20b05f003
- SHA1
  
  058991c410a1c2431195025d53dfe98200c44938
- SHA256
  
  1753e113812f9b0000c6874c7a7225217fa9a40f25e0b0a0309e3e46ed0e5e00
- SHA512
  
  d1d4e61bee1d3be9fa35af8406c37c6707819d1392c4c3f08099aa07679e8292a62840f93a7491e5e526c598ecba7ebe73d7bb5c67ac1827bfc3993c89b508d7
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware