fakeav | e97af27c6462ba9ea1de9a0b0850c7a642d8a36edd2fae5866fa25d03c417b66 | Triage

Submit
Reports

Overview

overview

Static

static

4dac98beaf...90.exe

windows7-x64

4dac98beaf...90.exe

windows10-2004-x64

Sharing

General

Target

4dac98beaf8b171b78acac4c85b99f90
Size

6.7MB
Sample

231219-srx2safda3
MD5

4dac98beaf8b171b78acac4c85b99f90
SHA1

b148791996badddc4c76029633d205334cb91ac7
SHA256

e97af27c6462ba9ea1de9a0b0850c7a642d8a36edd2fae5866fa25d03c417b66
SHA512

a611560c08c94c1498064a38a61fa53d3992a236545124d67f9824ca920fbd00a6fac87f26118e2a4005240c0a639d2cf2af158b98980c5c815b079bc6ae5b6b
SSDEEP

49152:67N1ahC30V7N1ahCy0V7N1ahCM0V7N1ahCT0V7N1ahCV7N1ahCx0V7N1ahCf0V7L:6767f757G7V7k7i7/737r

Score

10^/10

fakeav fakeav persistence spyware

Static task

static1

fakeav spyware fakeav

3 signatures

Behavioral task

behavioral1

Sample

4dac98beaf8b171b78acac4c85b99f90.exe

Resource

win7-20231215-en

fakeav fakeav persistence spyware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

4dac98beaf8b171b78acac4c85b99f90.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  4dac98beaf8b171b78acac4c85b99f90
- Size
  
  6.7MB
- MD5
  
  4dac98beaf8b171b78acac4c85b99f90
- SHA1
  
  b148791996badddc4c76029633d205334cb91ac7
- SHA256
  
  e97af27c6462ba9ea1de9a0b0850c7a642d8a36edd2fae5866fa25d03c417b66
- SHA512
  
  a611560c08c94c1498064a38a61fa53d3992a236545124d67f9824ca920fbd00a6fac87f26118e2a4005240c0a639d2cf2af158b98980c5c815b079bc6ae5b6b
- SSDEEP
  
  49152:67N1ahC30V7N1ahCy0V7N1ahCM0V7N1ahCT0V7N1ahCV7N1ahCx0V7N1ahCf0V7L:6767f757G7V7k7i7/737r
Score

10^/10

fakeav fakeav persistence spyware
- FakeAV, RogueAntivirus
  FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
  fakeav spyware fakeav
- FakeAV payload
  fakeav spyware
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

fakeavspywarefakeav

behavioral1

fakeavfakeavpersistencespyware

behavioral2

© 2018-2025

Terms | Privacy