fakeav | b2242bb73bfaed60cea219e356f486d9af8c3fc5102cd19453bd497d82bcca83 | Triage

Submit
Reports

Overview

overview

Static

static

1.exe

windows7-x64

Sharing

General

Target

1.exe
Size

711KB
Sample

220730-p3qkasbhal
MD5

0de1c2cf69738f36198dd30ce3ac5b03
SHA1

762a0b3b03ae493d051578742ae7a033de23f817
SHA256

b2242bb73bfaed60cea219e356f486d9af8c3fc5102cd19453bd497d82bcca83
SHA512

fae88854a8ba24c1b322df2f3fbc65b0c569978e5887d19557029ffcb83004d68f4e9158f226e478f92006d82430e6db9c8e324d7c0ca8b276a2d73460e12dfe

Score

10^/10

fakeav fakeav persistence spyware

Static task

static1

fakeav spyware fakeav

2 signatures

Behavioral task

behavioral1

Sample

1.exe

Resource

win7-20220718-en

fakeav fakeav persistence spyware

windows7-x64

4 signatures

30 seconds

Malware Config

Targets

- Target
  
  1.exe
- Size
  
  711KB
- MD5
  
  0de1c2cf69738f36198dd30ce3ac5b03
- SHA1
  
  762a0b3b03ae493d051578742ae7a033de23f817
- SHA256
  
  b2242bb73bfaed60cea219e356f486d9af8c3fc5102cd19453bd497d82bcca83
- SHA512
  
  fae88854a8ba24c1b322df2f3fbc65b0c569978e5887d19557029ffcb83004d68f4e9158f226e478f92006d82430e6db9c8e324d7c0ca8b276a2d73460e12dfe
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

© 2018-2025

Terms | Privacy