XMToolBox.exe

General
Target

XMToolBox.exe

Size

5MB

Sample

210504-wsdyvddnqs

Score
9 /10
MD5

b5e5b774f5228a39349ce7562d885f5f

SHA1

cb4525243f5489c17bd010445efc80a1e38afc76

SHA256

fa1462d4e6fce1dbb5c4813cd596555e3a583face9932e173af9913a421fb428

SHA512

4415201004971071cf3a7c6fd479635a1e4e88ccc217c763217ed0352509b7953d03dc9c999b5a3f638fac3b2183ffbca11badd45f817349da218e31b82c0403

Malware Config
Targets
Target

XMToolBox.exe

MD5

b5e5b774f5228a39349ce7562d885f5f

Filesize

5MB

Score
9 /10
SHA1

cb4525243f5489c17bd010445efc80a1e38afc76

SHA256

fa1462d4e6fce1dbb5c4813cd596555e3a583face9932e173af9913a421fb428

SHA512

4415201004971071cf3a7c6fd479635a1e4e88ccc217c763217ed0352509b7953d03dc9c999b5a3f638fac3b2183ffbca11badd45f817349da218e31b82c0403

Tags

Signatures

  • ACProtect 1.3x - 1.4x DLL software

    Description

    Detects file using ACProtect software.

  • UPX packed file

    Description

    Detects executables packed with UPX/modified UPX open source packer.

    Tags

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          9/10

                          behavioral2

                          9/10