06812518a722af6f98fbd8c3a5ace0cad1c6d53477972618728e64bafcbc948c | Triage

Submit
Reports

Overview

overview

Static

static

3

FiddlerSet...st.exe

windows10-2004-x64

$PLUGINSDI...up.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analytics.dll

windows10-2004-x64

1

Be.Windows...ox.dll

windows10-2004-x64

1

DotNetZip.dll

windows10-2004-x64

1

EnableLoopback.exe

windows10-2004-x64

7

ExecAction.exe

windows10-2004-x64

1

FSE2.exe

windows10-2004-x64

3

Fiddler.exe

windows10-2004-x64

9

ForceCPU.exe

windows10-2004-x64

1

GA.Analyti...or.dll

windows10-2004-x64

1

ImportExpo...ts.dll

windows10-2004-x64

1

ImportExpo...rt.dll

windows10-2004-x64

1

Inspectors...on.dll

windows10-2004-x64

1

Inspectors...or.dll

windows10-2004-x64

1

Inspectors...es.dll

windows10-2004-x64

1

Inspectors...ax.dll

windows10-2004-x64

1

Inspectors...rd.dll

windows10-2004-x64

1

Inspectors...ew.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Plugins/Ne...ws.dll

windows10-2004-x64

1

RunNsisUni...rs.bat

windows10-2004-x64

1

ScriptEdit...cs.dll

windows10-2004-x64

1

ScriptEdit...or.dll

windows10-2004-x64

1

ScriptEdit...on.dll

windows10-2004-x64

1

ScriptEdit...or.dll

windows10-2004-x64

1

ScriptEdit...rs.dll

windows10-2004-x64

1

ScriptEdit...ax.dll

windows10-2004-x64

1

Scripts/Fi...on.dll

windows10-2004-x64

1

Scripts/Fi...on.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
29-05-2024 15:13

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FiddlerSetup.5.0.20242.10753-latest.exe

Resource

win10v2004-20240508-en

wannacry defense_evasion discovery execution impact persistence ransomware worm

windows10-2004-x64

23 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/FiddlerSetup.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

Analytics.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Be.Windows.Forms.HexBox.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

DotNetZip.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

EnableLoopback.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

ExecAction.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

FSE2.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

Fiddler.exe

Resource

win10v2004-20240426-en

discovery evasion

windows10-2004-x64

20 signatures

150 seconds

Behavioral task

behavioral11

Sample

ForceCPU.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

GA.Analytics.Monitor.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

ImportExport/BasicFormats.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

ImportExport/VSWebTestExport.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Inspectors/QWhale.Common.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Inspectors/QWhale.Editor.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Inspectors/QWhale.Syntax.Schemes.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Inspectors/QWhale.Syntax.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Inspectors/Standard.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Inspectors/SyntaxView.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Newtonsoft.Json.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Plugins/NetworkConnections/Telerik.NetworkConnections.Windows.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

RunNsisUninstallers.bat

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

ScriptEditor/Analytics.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

ScriptEditor/GA.Analytics.Monitor.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

ScriptEditor/QWhale.Common.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

ScriptEditor/QWhale.Editor.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

ScriptEditor/QWhale.Syntax.Parsers.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

ScriptEditor/QWhale.Syntax.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Scripts/FiddlerOrchestra.Addon.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Scripts/FiddlerOrchestra.Connection.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

Scripts/FiddlerOrchestra.Addon.dll
Size

47KB
MD5

2d94327624f5787df9d0e87dac28987f
SHA1

902450afd77bed60d508d482502c562ef332342f
SHA256

acc04fec692c7f5e6806fb14b8d3efa3d6670830c74a59d02613bc444db2dbda
SHA512

d93454e51c984488f24d255523a6453625063ac44dcddd42934e4cc9c10b9940a1f7d69689b224620d08e9a24d0e109a8346f23690d37993f9b4e3bf37831735
SSDEEP

768:4/CVPuRQuxvtICmEI086vCNVTFzQyxQyHjNbpVu5yUJhFx06qxf1mlZxfyKEU:4/5YEI08WCNVTPHjdvunhFxefInfy

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Scripts\FiddlerOrchestra.Addon.dll,#1
1⤵
PID:2284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy