fakeav | 81ae1a6586df206a27d15f5a290061d5bffe2cdaaa7829d71bfa47eadde63a1e | Triage

Sharing

General

Target

81ae1a6586df206a27d15f5a290061d5bffe2cdaaa7829d71bfa47eadde63a1e
Size

711KB
Sample

220508-w5d3lsehd5
MD5

01f1ac908f18eac6d85a242d8bad4369
SHA1

5d95f97f1f4edc47f6afb922eb1a72ab049c9fc3
SHA256

81ae1a6586df206a27d15f5a290061d5bffe2cdaaa7829d71bfa47eadde63a1e
SHA512

45704ad237b3f3fe034e772e7a7a062ffeb787140467300a06f1ae3ede9b5daaa47fd37b74ad68719f3c42498a57b2f81779dd032b3f9c0c132da1dac096e040

Score

10^/10

fakeav fakeav persistence spyware

Malware Config

Targets

- Target
  
  81ae1a6586df206a27d15f5a290061d5bffe2cdaaa7829d71bfa47eadde63a1e
- Size
  
  711KB
- MD5
  
  01f1ac908f18eac6d85a242d8bad4369
- SHA1
  
  5d95f97f1f4edc47f6afb922eb1a72ab049c9fc3
- SHA256
  
  81ae1a6586df206a27d15f5a290061d5bffe2cdaaa7829d71bfa47eadde63a1e
- SHA512
  
  45704ad237b3f3fe034e772e7a7a062ffeb787140467300a06f1ae3ede9b5daaa47fd37b74ad68719f3c42498a57b2f81779dd032b3f9c0c132da1dac096e040
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

fakeavfakeavpersistencespyware