General

  • Target: 421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304
  • Size: 1.6MB
  • Sample: 241130-1yz4qa1mdm
  • MD5: 9d5e0dab30c948aa1603518d4d27a39d
  • SHA1: 3bfcbf0e104f923b6fdc048564a1083137252f94
  • SHA256: 421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304
  • SHA512: a800c6fd7773b8bd430ef4fbc39becf50d560ad8df042236318aacc72570e0eb08da85a613f341d2c1061414c378cba54a566d2575520a524183e2ff247c0b83
  • SSDEEP: 24576:hxY3NtGUmJr+4Obxd+tPZSZsiE6EhE9xY3NtGUmJr+4Obxd+tPZSZyiE6EhE7:LY3buzMv0IY3buzMV0E
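The hashes above are the indicators a responder would use to decide whether a file found on a host is this sample. The following script is an added example, not part of the original report or of the sandbox's tooling: it digests a file in a single chunked pass with every algorithm the report lists, compares the result against the report's values (case-insensitively, since tools disagree on hex case), and splits the ssdeep signature into its block size and two chunk strings. Fuzzy comparison of ssdeep signatures needs the ssdeep library and is deliberately not implemented here; only the signature's structure is parsed. The IOC record is copied from this report; any sample bytes used for checking are constructed.

```python
"""Check a file on disk against the hashes published in this sandbox report.

Added example; not the report's own code. REPORT_IOC is copied from the
General section above. Sample bytes used to exercise the functions are
constructed, not taken from the malware.
"""
import hashlib
from pathlib import Path
from typing import Dict, Tuple, Union

# Indicators copied verbatim from the report's General section.
REPORT_IOC: Dict[str, str] = {
    "md5": "9d5e0dab30c948aa1603518d4d27a39d",
    "sha1": "3bfcbf0e104f923b6fdc048564a1083137252f94",
    "sha256": "421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304",
    "sha512": (
        "a800c6fd7773b8bd430ef4fbc39becf50d560ad8df042236318aacc72570e0eb"
        "08da85a613f341d2c1061414c378cba54a566d2575520a524183e2ff247c0b83"
    ),
    "ssdeep": (
        "24576:hxY3NtGUmJr+4Obxd+tPZSZsiE6EhE9xY3NtGUmJr+4Obxd+tPZSZyiE6EhE7"
        ":LY3buzMv0IY3buzMV0E"
    ),
}

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digest an in-memory buffer with every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def hash_file(path: Union[str, Path], chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Digest a file in one chunked pass so large samples need not fit in memory.

    All four hash objects are fed from the same read loop, so the file is
    read exactly once however many algorithms are requested."""
    hashers = {algo: hashlib.new(algo) for algo in HASH_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_ioc(observed: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Compare observed digests with the report's, algorithm by algorithm.

    Comparison is case-insensitive because tools disagree on hex case. Only
    algorithms present in both records are reported; a disagreement on any
    one of them means the file is not this sample."""
    return {
        algo: observed[algo].lower() == expected[algo].lower()
        for algo in HASH_ALGOS
        if algo in observed and algo in expected
    }


def is_same_sample(observed: Dict[str, str], expected: Dict[str, str]) -> bool:
    """True only if at least one algorithm was comparable and all of them agree."""
    result = match_ioc(observed, expected)
    return bool(result) and all(result.values())


def parse_ssdeep(sig: str) -> Tuple[int, str, str]:
    """Split an ssdeep signature into (block_size, chunk, double_chunk).

    The on-the-wire format is 'blocksize:chunk:double_chunk'. The second chunk
    is computed with twice the block size, which is what lets ssdeep compare
    two files whose chosen block sizes differ by a factor of two."""
    parts = sig.split(":")
    if len(parts) != 3 or not parts[0].isdigit():
        raise ValueError(f"malformed ssdeep signature: {sig!r}")
    return int(parts[0]), parts[1], parts[2]


if __name__ == "__main__":
    import sys

    observed = hash_file(sys.argv[1])
    for algo, ok in match_ioc(observed, REPORT_IOC).items():
        print(f"{algo:7s} {'MATCH' if ok else 'differs'}  {observed[algo]}")
    bs, c1, c2 = parse_ssdeep(REPORT_IOC["ssdeep"])
    print(f"report ssdeep block size {bs}; chunks of {len(c1)} and {len(c2)} chars")
```

Run it as `python check_sample.py suspect.exe` (the script name is an assumption). A match on every algorithm identifies the file as this sample; a mismatch on even one algorithm means it is a different file, which for a family like FakeAV is the common case, since each build is typically repacked. That is where the ssdeep signature earns its place: a fuzzy comparison with the ssdeep library can still relate a repacked variant to this report when the cryptographic hashes do not.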

Targets

    • Target: 421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304
    • Size: 1.6MB
    • MD5: 9d5e0dab30c948aa1603518d4d27a39d
    • SHA1: 3bfcbf0e104f923b6fdc048564a1083137252f94
    • SHA256: 421b29aa325b7b5e2688d2d218b4382dceabfdc62aca742a576742ca145fb304
    • SHA512: a800c6fd7773b8bd430ef4fbc39becf50d560ad8df042236318aacc72570e0eb08da85a613f341d2c1061414c378cba54a566d2575520a524183e2ff247c0b83
    • SSDEEP: 24576:hxY3NtGUmJr+4Obxd+tPZSZsiE6EhE9xY3NtGUmJr+4Obxd+tPZSZyiE6EhE7:LY3buzMv0IY3buzMV0E

    • FakeAV, RogueAntivirus

      FakeAV (rogue antivirus) is a class of malware that displays fabricated infection alerts and scan results to frighten the user into paying for, or installing, a bogus "security" product.

    • Fakeav family: the sandbox attributes this sample to the FakeAV family.

    • FakeAV payload: the FakeAV component itself was observed executing, not only a downloader for it.

    • Adds Run key to start application: the sample writes a value under a ...\Software\Microsoft\Windows\CurrentVersion\Run registry key so that it is relaunched at every logon (persistence; ATT&CK T1547.001, Registry Run Keys / Startup Folder).

    • Drops file in System32 directory: the sample writes a file into the Windows System32 directory, where it blends in with legitimate system binaries; writing there normally requires administrative privileges, so this also indicates the sample ran elevated in the sandbox.
