Overview

overview

10

Static

static

10

bbfb89e487...eN.exe

windows7-x64

10

bbfb89e487...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bbfb89e487719fbcf82040f819c39727e46228e237580013c088d6e3a7a7271eN

  • Size

    1.6MB

  • Sample

    241103-3n5mkawret

  • MD5

    51316e7bb1d4ca5815b90a4406c044c0

  • SHA1

    3ceac45f6b934a938993d77dab0da994ef3de510

  • SHA256

    bbfb89e487719fbcf82040f819c39727e46228e237580013c088d6e3a7a7271e

  • SHA512

    dca433799239a24ee7cb2fbf481207e0f30e77382e6040dab8f286b0bc0a8446d9ded67483a82f9c18f010284445b33923561785b24a13e29a99fe91c56de835

  • SSDEEP

    24576:hxY3NtGUmJr+4Obxd+tPZSZXiE6EhE9xY3NtGUmJr+4Obxd+tPZSZ4iE6EhE:LY3buzM40IY3buzM/0

Score
10/10
fakeavdiscoveryfakeavpersistencespyware

Malware Config

Targets

    • Target

      bbfb89e487719fbcf82040f819c39727e46228e237580013c088d6e3a7a7271eN

    • Size

      1.6MB

    • MD5

      51316e7bb1d4ca5815b90a4406c044c0

    • SHA1

      3ceac45f6b934a938993d77dab0da994ef3de510

    • SHA256

      bbfb89e487719fbcf82040f819c39727e46228e237580013c088d6e3a7a7271e

    • SHA512

      dca433799239a24ee7cb2fbf481207e0f30e77382e6040dab8f286b0bc0a8446d9ded67483a82f9c18f010284445b33923561785b24a13e29a99fe91c56de835

    • SSDEEP

      24576:hxY3NtGUmJr+4Obxd+tPZSZXiE6EhE9xY3NtGUmJr+4Obxd+tPZSZ4iE6EhE:LY3buzM40IY3buzM/0

    Score
    10/10
    fakeavdiscoveryfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • Fakeav family

      fakeav

    • FakeAV payload

      fakeavspyware

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks