Overview

overview

10

Static

static

10

421b29aa32...04.exe

windows7-x64

10

421b29aa32...04.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304

  • Size

    1.6MB

  • Sample

    241130-1sf4na1kfn

  • MD5

    9d5e0dab30c948aa1603518d4d27a39d

  • SHA1

    3bfcbf0e104f923b6fdc048564a1083137252f94

  • SHA256

    421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304

  • SHA512

    a800c6fd7773b8bd430ef4fbc39becf50d560ad8df042236318aacc72570e0eb08da85a613f341d2c1061414c378cba54a566d2575520a524183e2ff247c0b83

  • SSDEEP

    24576:hxY3NtGUmJr+4Obxd+tPZSZsiE6EhE9xY3NtGUmJr+4Obxd+tPZSZyiE6EhE7:LY3buzMv0IY3buzMV0E

Score
10/10
fakeavdiscoveryfakeavpersistencespyware

Malware Config

Targets

    • Target

      421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304

    • Size

      1.6MB

    • MD5

      9d5e0dab30c948aa1603518d4d27a39d

    • SHA1

      3bfcbf0e104f923b6fdc048564a1083137252f94

    • SHA256

      421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304

    • SHA512

      a800c6fd7773b8bd430ef4fbc39becf50d560ad8df042236318aacc72570e0eb08da85a613f341d2c1061414c378cba54a566d2575520a524183e2ff247c0b83

    • SSDEEP

      24576:hxY3NtGUmJr+4Obxd+tPZSZsiE6EhE9xY3NtGUmJr+4Obxd+tPZSZyiE6EhE7:LY3buzMv0IY3buzMV0E

    Score
    10/10
    fakeavdiscoveryfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • Fakeav family

      fakeav

    • FakeAV payload

      fakeavspyware

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks