General

  • Target

    fmXML_v0.3.zip

  • Size

    779KB

  • Sample

    230204-bx4yvafd5v

  • MD5

    efd24d5be5b0ebb7c069d6a87ad13ecb

  • SHA1

    52b23a729cba4521a4b700a6ebffbe128442d250

  • SHA256

    e00f13e36a6d268df17410d138c870fc06c3bc6f2d4fd47bce4479e8e64e8b00

  • SHA512

    44363328afc017a22754817d19b4605d2cc355d1bc4924c21cfd1dbc1299bc4277ce1878845d927fb3028c7c94f97e2456c22b40b68b11eafff9336e0d624056

  • SSDEEP

    24576:g0t20VnVvbhV+RnjxwIDF7dgxYqLIvw+Ho:rtnzgnjxwIfdL/Ho

Score
7/10

Malware Config

Targets

    • Target

      fmXML_0.3_setup.exe

    • Size

      801KB

    • MD5

      c359df68e88fb583fb29efb108991b15

    • SHA1

      725833fef27deb91a04fd1dbfc8c82c8966adfec

    • SHA256

      017004b55f8f8f2937dff1417bec45fd6eb15c7794dd8ecdc3a1162bf554df7d

    • SHA512

      08c2b18249e4c4ea92f3e229d3953e37bd6dbe80fb7f22a7fa29a5c824c37b90b56a1265494848a3cf3b91e0f82cf103e88d722046bba8a9e72a699970bb8502

    • SSDEEP

      12288:6Yk5uUlmiNaMNNnZp6Ajpn5v57a/RnjBIRTyDFX9LuOXqxAqUuFL3YCUw+Hq8q:vIrT3v55RORnjBCyDFNd6xAqxI9w+Hk

    Score

    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks