General
-
Target
394d897aa0c07a070d3b55ab7a4de979
-
Size
1.4MB
-
Sample
231231-rg6qhabdhq
-
MD5
394d897aa0c07a070d3b55ab7a4de979
-
SHA1
04d01c5611474076376891f01dc2d92f96165fba
-
SHA256
584e9e2cc6019d7a1919139dfc65079c65722281a11745e96561d1cb43c0793a
-
SHA512
77b576328b8d53f3cf7d01ee655ab39cbe49cc85a342f6f06e8d8e43ea8b13fe7ee9fb4fe96f134da5dbb1bf1376d35be36a27a549d85b0b6632ce876ea41384
-
SSDEEP
24576:n67MnVnpA1lmTx8MmA07AaSuDSwdSE6EhDK67MnVnpA1lmTx8MmA07AaSuDSwd9y:67N1ahCS0V7N1ahCn0
Malware Config
Targets
-
-
Target
394d897aa0c07a070d3b55ab7a4de979
-
Size
1.4MB
-
MD5
394d897aa0c07a070d3b55ab7a4de979
-
SHA1
04d01c5611474076376891f01dc2d92f96165fba
-
SHA256
584e9e2cc6019d7a1919139dfc65079c65722281a11745e96561d1cb43c0793a
-
SHA512
77b576328b8d53f3cf7d01ee655ab39cbe49cc85a342f6f06e8d8e43ea8b13fe7ee9fb4fe96f134da5dbb1bf1376d35be36a27a549d85b0b6632ce876ea41384
-
SSDEEP
24576:n67MnVnpA1lmTx8MmA07AaSuDSwdSE6EhDK67MnVnpA1lmTx8MmA07AaSuDSwd9y:67N1ahCS0V7N1ahCn0
Score10/10-
FakeAV, RogueAntivirus
FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
-
FakeAV payload
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-