TROJ_FAKEAV.GZD - Threat Encyclopedia
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 2c68d857-ab8d-4c4f-b51b-e97d911b5cd7 |
| Fingerprint | 4699e97aa5b6e1a5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 8, 2012, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 2, 2024, 11:59 a.m. |
| Headline | TROJ_FAKEAV.GZD |
| Title | TROJ_FAKEAV.GZD - Threat Encyclopedia |
| Detected Hints/Tags/Attributes | 30/1/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | sites.it |
|
| Details | Domain | 1 | qag.com |
|
| Details | File | 1 | troj_fakeav.gz |
|
| Details | File | 199 | firefox.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.exe\shell |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\exefile\shell |
|
| Details | Windows Registry Key | 8 | HKEY_CURRENT_USER\Software\Classes |
|
| Details | Windows Registry Key | 22 | HKEY_CURRENT_USER\Software\Microsoft |
|
| Details | Windows Registry Key | 2 | HKEY_LOCAL_MACHINE\SOFTWARE\Clients |
|
| Details | Windows Registry Key | 6 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet |
|
| Details | Windows Registry Key | 25 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Classes\.exe |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Classes\exefile |
|
| Details | Windows Registry Key | 3 | HKEY_CLASSES_ROOT\exefile\shell\open\command |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\exefile\shell\runas\command |
|
| Details | Windows Registry Key | 1 | HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile |
|
| Details | Windows Registry Key | 2 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command |
|
| Details | Windows Registry Key | 1 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile |