Overview

overview

10

Static

static

10

e1b30584f2...5N.exe

windows7-x64

10

e1b30584f2...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1b30584f28003dac79aece172ee903bb57aae7cde2a36ed28ff16b38f7cc6b5N.exe

  • Size

    1.6MB

  • Sample

    241226-cfehastrdm

  • MD5

    168ce7d6643f3dfb3aa10aebfe735590

  • SHA1

    3db74d32e4015488aad0bd04818fa69de8574c75

  • SHA256

    e1b30584f28003dac79aece172ee903bb57aae7cde2a36ed28ff16b38f7cc6b5

  • SHA512

    14516e15d46614af8754b046962bfc177bbd3fccc2f10ca92b0349daa118a2ce2dff60a4d030df8cd71c5d334a1490affd37bcace8379d9dc495b36f639617b6

  • SSDEEP

    24576:hxY3NtGUmJr+4Obxd+tPZSZViE6EhE9xY3NtGUmJr+4Obxd+tPZSZUiE6EhE:LY3buzMi0IY3buzM70

Score
10/10
fakeavdiscoveryfakeavpersistencespyware

Malware Config

Targets

    • Target

      e1b30584f28003dac79aece172ee903bb57aae7cde2a36ed28ff16b38f7cc6b5N.exe

    • Size

      1.6MB

    • MD5

      168ce7d6643f3dfb3aa10aebfe735590

    • SHA1

      3db74d32e4015488aad0bd04818fa69de8574c75

    • SHA256

      e1b30584f28003dac79aece172ee903bb57aae7cde2a36ed28ff16b38f7cc6b5

    • SHA512

      14516e15d46614af8754b046962bfc177bbd3fccc2f10ca92b0349daa118a2ce2dff60a4d030df8cd71c5d334a1490affd37bcace8379d9dc495b36f639617b6

    • SSDEEP

      24576:hxY3NtGUmJr+4Obxd+tPZSZViE6EhE9xY3NtGUmJr+4Obxd+tPZSZUiE6EhE:LY3buzMi0IY3buzM70

    Score
    10/10
    fakeavdiscoveryfakeavpersistencespyware

    • FakeAV, RogueAntivirus

      FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.

      fakeavspywarefakeav

    • Fakeav family

      fakeav

    • FakeAV payload

      fakeavspyware

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks