General
-
Target
212370ddf991345013399b58bdd5f3ea
-
Size
5.5MB
-
Sample
231231-afgasadbe9
-
MD5
212370ddf991345013399b58bdd5f3ea
-
SHA1
33a9158e1d32860d829c01a9f800d536baa967bd
-
SHA256
eb67e90eae8a33187cac4eb56cf25f08d8796c095e5023cdf99943946ba43bc2
-
SHA512
56a2969f0731cb1ec815bdf84526256a4e1bc5c5fa313b7fd8cfdbcaafbafb7e11363ba0746ad264761459016486f91d9c7909204a0ab77f566fc29548c4df85
-
SSDEEP
49152:67N1ahCf0V7N1ahCM0V7N1ahCb0V7N1ahCUD7N1ahC70V7N1ahC00V7N1ahC50V8:67i757O7Y7u7h7s7w
Malware Config
Targets
-
-
Target
212370ddf991345013399b58bdd5f3ea
-
Size
5.5MB
-
MD5
212370ddf991345013399b58bdd5f3ea
-
SHA1
33a9158e1d32860d829c01a9f800d536baa967bd
-
SHA256
eb67e90eae8a33187cac4eb56cf25f08d8796c095e5023cdf99943946ba43bc2
-
SHA512
56a2969f0731cb1ec815bdf84526256a4e1bc5c5fa313b7fd8cfdbcaafbafb7e11363ba0746ad264761459016486f91d9c7909204a0ab77f566fc29548c4df85
-
SSDEEP
49152:67N1ahCf0V7N1ahCM0V7N1ahCb0V7N1ahCUD7N1ahC70V7N1ahC00V7N1ahC50V8:67i757O7Y7u7h7s7w
Score10/10-
FakeAV, RogueAntivirus
FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
-
FakeAV payload
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-