Overview

overview

10

Static

static

10

1c8ef15396...b3.exe

windows7-x64

10

1c8ef15396...b3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c8ef15396fd8c5578102ba20bd472fe425195f303dc1d9d8a5d0e1ca4463cb3

  • Size

    711KB

  • Sample

    240827-x3c8zaygpm

  • MD5

    0670b0a9cd1fc818923c0c2aa388aafb

  • SHA1

    e70066f73a91a7f33251bef6629219ecf16e5d21

  • SHA256

    1c8ef15396fd8c5578102ba20bd472fe425195f303dc1d9d8a5d0e1ca4463cb3

  • SHA512

    2e4697515e3f09937babae11c813e74a09e559dacf5ae4880aa4f220cec8dd3065d1bc77c9d7b5c0908ca56a218cc9320e263afe3e4d366ed5390060008bb19c

  • SSDEEP

    12288:yoxejOONAM7GUC1Jr+4o628gx2Jw+tP3Jzm8JObHXC3X+pd167QhEQO:hxY3NtGUmJr+4Obxd+tPZSZLiE6EhE

Score
10/10
fakeavdiscoveryfakeavpersistencespyware

Malware Config

Targets

    • Target

      1c8ef15396fd8c5578102ba20bd472fe425195f303dc1d9d8a5d0e1ca4463cb3

    • Size

      711KB

    • MD5

      0670b0a9cd1fc818923c0c2aa388aafb

    • SHA1

      e70066f73a91a7f33251bef6629219ecf16e5d21

    • SHA256

      1c8ef15396fd8c5578102ba20bd472fe425195f303dc1d9d8a5d0e1ca4463cb3

    • SHA512

      2e4697515e3f09937babae11c813e74a09e559dacf5ae4880aa4f220cec8dd3065d1bc77c9d7b5c0908ca56a218cc9320e263afe3e4d366ed5390060008bb19c

    • SSDEEP

      12288:yoxejOONAM7GUC1Jr+4o628gx2Jw+tP3Jzm8JObHXC3X+pd167QhEQO:hxY3NtGUmJr+4Obxd+tPZSZLiE6EhE

    Score
    10/10
    fakeavdiscoveryfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • FakeAV payload

      fakeavspyware

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks