General
-
Target
042acf5b5a63173d4deefb2561a9211f76e50a35156af0bf16fc9bc4f3a7a80b
-
Size
5.6MB
-
Sample
240311-xcap6aah5y
-
MD5
65ad63a59e084bae31a754685f21b66b
-
SHA1
4fc32768c95ee57621870d3dd690483eca766b56
-
SHA256
042acf5b5a63173d4deefb2561a9211f76e50a35156af0bf16fc9bc4f3a7a80b
-
SHA512
106a3bb5c957afe9f7596bf1d70dcfcdff707e872040e12a236d9d85ca2bf699db7b5263c65820e43d4cfcf7307b45d9b6c2fd9ed655a40d716aa1efa0c2061c
-
SSDEEP
49152:LY3buzMz0IY3buzMY0IY3buzMJ0IY3buzMM0IY3buzMh0IY3buzMI0IY3buzMu0Q:LY3rY3UY3FY34Y3dY3sY3GY3
Malware Config
Targets
-
-
Target
042acf5b5a63173d4deefb2561a9211f76e50a35156af0bf16fc9bc4f3a7a80b
-
Size
5.6MB
-
MD5
65ad63a59e084bae31a754685f21b66b
-
SHA1
4fc32768c95ee57621870d3dd690483eca766b56
-
SHA256
042acf5b5a63173d4deefb2561a9211f76e50a35156af0bf16fc9bc4f3a7a80b
-
SHA512
106a3bb5c957afe9f7596bf1d70dcfcdff707e872040e12a236d9d85ca2bf699db7b5263c65820e43d4cfcf7307b45d9b6c2fd9ed655a40d716aa1efa0c2061c
-
SSDEEP
49152:LY3buzMz0IY3buzMY0IY3buzMJ0IY3buzMM0IY3buzMh0IY3buzMI0IY3buzMu0Q:LY3rY3UY3FY34Y3dY3sY3GY3
Score10/10-
FakeAV, RogueAntivirus
FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
-
FakeAV payload
-
Adds Run key to start application
-
Drops file in System32 directory
-