General

  • Target

    505cc1257b10d5d6603aa32d9c7bfdc8bb7ba1246c9b72ce1df1dfedceaa3173

  • Size

    4.9MB

  • Sample

    220719-dxt5rahfbl

  • MD5

    efb7a1dd46db3c080a3c3b76314bf7d4

  • SHA1

    888ce1adccdb8a86e601f525db2832a8eec5720a

  • SHA256

    505cc1257b10d5d6603aa32d9c7bfdc8bb7ba1246c9b72ce1df1dfedceaa3173

  • SHA512

    00c83f13c7e6e3e77743024d60839490e470cce8204dfb58500eec275e8f6031c8629aa6b5e75eda014a0482a3136b364f700ef8965bf143e65fc6f843152f8a

Malware Config

Targets

    • Target

      505cc1257b10d5d6603aa32d9c7bfdc8bb7ba1246c9b72ce1df1dfedceaa3173

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks