Malware: FakeM

Description

[FakeM](https://attack.mitre.org/software/S0076) is a shellcode-based Windows backdoor that has been used by [Scarlet Mimic](https://attack.mitre.org/groups/G0029). (Citation: Scarlet Mimic Jan 2016)

External References

• mitre-attack
• Scarlet Mimic Jan 2016

Techniques Used by This Malware

• T1001.003 — Protocol or Service Impersonation
• T1056.001 — Keylogging
• T1095 — Non-Application Layer Protocol
• T1573.001 — Symmetric Cryptography

APT Groups Using This Malware

• Scarlet Mimic