General

  • Target

    virussign.com_0b8141b857edb336b5ec769f9732c460

  • Size

    711KB

  • Sample

    220715-rszfkaccfp

  • MD5

    0b8141b857edb336b5ec769f9732c460

  • SHA1

    878775099f2cd865b035ef77bc1d9b68cfdcbcae

  • SHA256

    4bc37eb3f7058a7f72e1d83b2a8296ff3628b28dfc4e11627a0bdcb7dae2867e

  • SHA512

    659de4422d2437f603acc40650b6eed73aeda118052127628277e9538b15faee26f007324dd0f14f5909b9ba83f69821d86c8568b8a6f3d578800af7e5577ec0

Targets

    • Target

      virussign.com_0b8141b857edb336b5ec769f9732c460

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

    • Adds Run key to start application

    • Drops file in System32 directory
