Overview

overview

10

Static

static

10

f206690224...98.exe

windows7_x64

10

f206690224...98.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f206690224622c031231df45c975cb103b9c803a27308450f4d81cdbc487dc98

  • Size

    1.6MB

  • Sample

    220508-vg2nbscha7

  • MD5

    0253b4f5b882a8075f250b8eb2f01b15

  • SHA1

    7181349046e2ed6025c6d3a7ea61e8804564771e

  • SHA256

    f206690224622c031231df45c975cb103b9c803a27308450f4d81cdbc487dc98

  • SHA512

    8733552c33de95e7e45382e7361f3eb4b49709b1a5c04529772a1bb50071647769a70e8df0dc14ded69c3359f25d9397261f59627cc60442a0911f7d8a6a16ec

Score
10/10
fakeavfakeavpersistencespyware

Malware Config

Targets

    • Target

      f206690224622c031231df45c975cb103b9c803a27308450f4d81cdbc487dc98

    • Size

      1.6MB

    • MD5

      0253b4f5b882a8075f250b8eb2f01b15

    • SHA1

      7181349046e2ed6025c6d3a7ea61e8804564771e

    • SHA256

      f206690224622c031231df45c975cb103b9c803a27308450f4d81cdbc487dc98

    • SHA512

      8733552c33de95e7e45382e7361f3eb4b49709b1a5c04529772a1bb50071647769a70e8df0dc14ded69c3359f25d9397261f59627cc60442a0911f7d8a6a16ec

    Score
    10/10
    fakeavfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks