General

  • Target

    6c9ce6eb0d5488195f83ea02421a82eaa77eddd61efc91e4b847900fb57ebfbe

  • Size

    5.6MB

  • Sample

    220616-k98x1acdap

  • MD5

    2632bf0a3845aa5f0565d9bacc724a3c

  • SHA1

    5965cbadbe0311ac1c48c1487162affcd932a8ef

  • SHA256

    6c9ce6eb0d5488195f83ea02421a82eaa77eddd61efc91e4b847900fb57ebfbe

  • SHA512

    8f38c60f0588f04d079896a0be30906d769d31cfc796cbcf4d82c19fd4992d6e77b00e9f60d2527af1f0f312751bb3283d61bbbbd7ec68f66e44be854e715ea6

Targets

    • Target

      6c9ce6eb0d5488195f83ea02421a82eaa77eddd61efc91e4b847900fb57ebfbe

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

    • Adds Run key to start application

    • Drops file in System32 directory
