6b81e9096e235e9ddb85ef4e252c3cdb1a7ba59222ec0ba20b36240462dbf82e | Triage

Sharing

General

Target

fdm_x86_setup.exe
Size

29.6MB
Sample

230812-a16feabd21
MD5

98787369b9d98df577a0adb767d7b09f
SHA1

565a8fdded61f76628a2e897d450afb542860ec7
SHA256

6b81e9096e235e9ddb85ef4e252c3cdb1a7ba59222ec0ba20b36240462dbf82e
SHA512

3639b34cc7705f3d9dc61f1fed57770bd02df95c59759fc65ebe0a44d26fcd4df7cd67284284bacf3968d3bd99b5f4f558a43c1642cc36f9f8544766e2e157d9
SSDEEP

393216:8h5DlMt3JlOdMcH0VDEqGvj9hTG+e1vCEjdPG623TcEcnr2Hc5tYvyCNttU9AZa/:olo3CeVDVs5CdhIQnDuXm9aag07hMC

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  fdm_x86_setup.exe
- Size
  
  29.6MB
- MD5
  
  98787369b9d98df577a0adb767d7b09f
- SHA1
  
  565a8fdded61f76628a2e897d450afb542860ec7
- SHA256
  
  6b81e9096e235e9ddb85ef4e252c3cdb1a7ba59222ec0ba20b36240462dbf82e
- SHA512
  
  3639b34cc7705f3d9dc61f1fed57770bd02df95c59759fc65ebe0a44d26fcd4df7cd67284284bacf3968d3bd99b5f4f558a43c1642cc36f9f8544766e2e157d9
- SSDEEP
  
  393216:8h5DlMt3JlOdMcH0VDEqGvj9hTG+e1vCEjdPG623TcEcnr2Hc5tYvyCNttU9AZa/:olo3CeVDVs5CdhIQnDuXm9aag07hMC
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence