5c92f0738c290eac319d4ac3006b5725f1d2163fbfe68dbb2047e07920f4d5e8 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

FiddlerSetup.exe

windows7-x64

9

FiddlerSetup.exe

windows10-1703-x64

9

FiddlerSetup.exe

windows10-2004-x64

4

Sharing

General

Target

FiddlerSetup.exe
Size

6.5MB
Sample

231012-g7wywaec33
MD5

7fd1119b5f29e4094228dabf57e65a9d
SHA1

1a4e248bfe07f8c65ce68b4f29013442be6ef7c7
SHA256

5c92f0738c290eac319d4ac3006b5725f1d2163fbfe68dbb2047e07920f4d5e8
SHA512

20d22e16f5c285bd6ffdf3620762c340ffb97cc51c5080717b87442f29a14271644351b082392d9fb2fd1ce40a1fe56a4e6592a290d67f5c587e8e9eb2f33787
SSDEEP

196608:Q962sDwuahkk8ZaQd9NCMbw4fO0ADH6Op:Q5uAkk8ZBCuXfjADH6s

Score

9^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FiddlerSetup.exe

Resource

win7-20230831-en

discovery evasion

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

FiddlerSetup.exe

Resource

win10-20230915-en

discovery evasion

windows10-1703-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

FiddlerSetup.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  FiddlerSetup.exe
- Size
  
  6.5MB
- MD5
  
  7fd1119b5f29e4094228dabf57e65a9d
- SHA1
  
  1a4e248bfe07f8c65ce68b4f29013442be6ef7c7
- SHA256
  
  5c92f0738c290eac319d4ac3006b5725f1d2163fbfe68dbb2047e07920f4d5e8
- SHA512
  
  20d22e16f5c285bd6ffdf3620762c340ffb97cc51c5080717b87442f29a14271644351b082392d9fb2fd1ce40a1fe56a4e6592a290d67f5c587e8e9eb2f33787
- SSDEEP
  
  196608:Q962sDwuahkk8ZaQd9NCMbw4fO0ADH6Op:Q5uAkk8ZBCuXfjADH6s
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

behavioral3

© 2018-2024

Terms | Privacy