0d887e91da0551c333f22db3b4a5289614eb20fff63188851509e0645cc774c8

Sharing

Copy URL

Twitter E-mail

General

Target

Fiddler Everywhere 5.12.0.exe
Size

141.3MB
Sample

240628-2ykjpsvang
MD5

41d6e7f2e942f8bf8ed844228cd3d9eb
SHA1

c545226f7a1bff099acf881bdb738c90218afe7a
SHA256

0d887e91da0551c333f22db3b4a5289614eb20fff63188851509e0645cc774c8
SHA512

64c1c71b2b6c9f3cfa52a1c11a2d7971a8f9081d4d28f54fa2cc66a69f549c2ae394c1a58e81f4b74f07f84402cafb30af3be16547ca88336527a9acd64449da
SSDEEP

3145728:ayWTzxKnKlyN8UrcVb1LzgdSumCV0johP1AQWnS6kWiidjXjdMyYJqySWPp:zWJeubNVZcQsP1PsS6knWMJqAR

Score

7^/10

execution

Malware Config

Targets

- Target
  
  Fiddler Everywhere 5.12.0.exe
- Size
  
  141.3MB
- MD5
  
  41d6e7f2e942f8bf8ed844228cd3d9eb
- SHA1
  
  c545226f7a1bff099acf881bdb738c90218afe7a
- SHA256
  
  0d887e91da0551c333f22db3b4a5289614eb20fff63188851509e0645cc774c8
- SHA512
  
  64c1c71b2b6c9f3cfa52a1c11a2d7971a8f9081d4d28f54fa2cc66a69f549c2ae394c1a58e81f4b74f07f84402cafb30af3be16547ca88336527a9acd64449da
- SSDEEP
  
  3145728:ayWTzxKnKlyN8UrcVb1LzgdSumCV0johP1AQWnS6kWiidjXjdMyYJqySWPp:zWJeubNVZcQsP1PsS6knWMJqAR
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  resources/app/.eslintrc.js
- Size
  
  6KB
- MD5
  
  158443f29c52005013ce180a9077eb6d
- SHA1
  
  d66dd0789645b1779512a4df5e44bb8a189cca90
- SHA256
  
  76af8a77611df1e832f737d46a360a99618775465e89f1196e2b085ec1e9a28b
- SHA512
  
  9bab4a4fb07bb44b3141eacffd046b22341e2b99064eabe9b7b95b0c236eb0661d04a725e2392d465f654961be76a5a22c5960a98bda4d8443d7f43ca2f9c41f
- SSDEEP
  
  192:DaHeUx8DBQpvbpmSCvGFHAy5Lv7c5+gxmivjpv7UmLkAvTpyTUK7:DoLpJ5T+S
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  resources/app/EULA.html
- Size
  
  184KB
- MD5
  
  0892909fd72035474dd3fe0cdc76b483
- SHA1
  
  39050447945475bebbe891767dd50946e16f7384
- SHA256
  
  9bf27c7c6d660937947e5e166250d8a3f52de47015c89c469f7de7d0d15fa7f8
- SHA512
  
  b42cf19ce67f7fc56eb81fe0c5c9004b6ce1eb7b262458cf5f58b59f7b7e066e2a5546c3f21b4f9ea552eff578635be159741a789de1a4b4024f0284ccfe9e41
- SSDEEP
  
  1536:wmKmgizxZDVt0ddZRxs8hB/FSjs4mylU0O1S+Zx7fv+ircETTv7OHWKzNv1AACbq:wKg7ZrhXEYo/bUd9cbXJ
Score

1^/10
behavioral13 behavioral14
- Target
  
  resources/app/esbuild.reporter.config.js
- Size
  
  4KB
- MD5
  
  91fd321cd655bdf8fb66e364b3bbf7b7
- SHA1
  
  7ea10bbd5d912d035b073de419b04ac455b44644
- SHA256
  
  8f1c0597271e891a46a9cf1370a8ce611323283f0e7488f303f74c1446e602ab
- SHA512
  
  ce689bba116069cb7c4a87f8089353924fa6d81ae8b1894d88917e445aca7bdbfecd63e40e7ae9b8adc00c4e8ed0eaddb894acef4ae72dafe0697f1819963ac8
- SSDEEP
  
  96:zUp3EAwdfG+o2ggSL34YtWcHMd+UBgQ9roGv:UEA6G+o2ggSTWcsd+ugsrN
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  resources/app/jest.config.js
- Size
  
  123B
- MD5
  
  3a0715656bd0d5026624afdfce0b2027
- SHA1
  
  f631f68fa639a63dc62417f7867df20d6b137e04
- SHA256
  
  05d33ee64a44ff6a04d6aa2840a8d2a5ddc8ed4bfff0e8e8c7709780401f3c75
- SHA512
  
  70ba36c292bacf77b15854cd660d56dcd5b70a5629b7ddb0c590cdee82bad888e16eb466f4f7620a20daf61490072c5e4f63e8e8b1ee0d52d2a5d8e265d80a5f
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  resources/app/out/WebServer/AutoMapper.Extensions.Microsoft.DependencyInjection.dll
- Size
  
  12KB
- MD5
  
  6d5600bdbfe2e17f01ac07100d264051
- SHA1
  
  3b80b47f91c34d1e211142aaa61bf2bd2389daf6
- SHA256
  
  44598fe82fbfc18975212ad505e902f8adb3ac1c2a3c3530be2f1d570fad8946
- SHA512
  
  7dbc75e5cb28d92487cf6cc04478e651b59aba6c4f526d4cfbfe874eaaccc149f6c4230788055a038d91b5e6e5bd3e1f60e4fed713aa73772bf203d6c57261a5
- SSDEEP
  
  384:7bSrE5JDj9uKKKHab47/MzsFK6SIIi3r+09:fF5JDj8KKKHb70Aw6Se3r+09
Score

1^/10
behavioral19 behavioral20
- Target
  
  resources/app/out/WebServer/AutoMapper.dll
- Size
  
  257KB
- MD5
  
  c8a4a719cf3c0552fede21052a9fedbb
- SHA1
  
  4eb9ea3643c5e37fb6133cabdef184d85c8f70b5
- SHA256
  
  20f2c40a3873028e496a956eb8007f653e4e1b089245910ac6d63b10c3421f7f
- SHA512
  
  57fb7e56485138c68c4edb48f2cd847c82ab5c673af0ac9ab326d53f531c1c380f51cb211c52475be6d0901606ded72cdfb9594597bb00b175ae01cdbf9cf0ab
- SSDEEP
  
  3072:kiztzksO+IKSi6EJNIcEBV4Xkrlf3BwneIPFkYBFz35dgD7EX8EeErs7WmQsk8Bf:ki5sMN+L0krDCFTv4berBskwl
Score

1^/10
behavioral21 behavioral22
- Target
  
  resources/app/out/WebServer/BasicFormatsForCore.dll
- Size
  
  120KB
- MD5
  
  e2abc51898934545554de0309e82f18a
- SHA1
  
  265954e7ac4416285d470dc25c559c50faacc7f3
- SHA256
  
  f65fd5bccd2d8a5e9141d0b4a0e645dac2e57341882618bf33275a058a9e2387
- SHA512
  
  42ea359016bdeb8966e80b0abfac5bd1687d4ec245bf4dc553c2ef499791b87709536609ab9180f94a96f9f24584808f0c8b902311bc4fe3feb8345f6452dd5c
- SSDEEP
  
  3072:ZxGqoDcWOAXy0D8eFV+wHO3WlI/7oai2LKLo:ZxG7DB1TbIcaxK
Score

1^/10
behavioral23 behavioral24
- Target
  
  resources/app/out/WebServer/BouncyCastle.Cryptography.dll
- Size
  
  6.8MB
- MD5
  
  29f67c517f366b3ff65cf0de64ef4bb6
- SHA1
  
  ae5f0bcdae220ec7332763fb6956685ac381efa6
- SHA256
  
  f40e8e6cd2705822bf33d4b360a628d8ba59765e3161cf602ff15a762b392874
- SHA512
  
  714f70b61daf136e869cb8e53aeee06e6b5e73ce3aee02efb18b9619af988c656d70dc3c11b6b381d479491598c65010a3cf9b0f4b3c5bf218b4fcaadeda2b89
- SSDEEP
  
  98304:n7shAKDMFQfVTwT3Pj3jno+adQ6Z5EgveHluvNoT4S9tomfTYFNUW:aAKDMF0u7MrdQ8rvsluv67amrYn/
Score

1^/10
behavioral25 behavioral26
- Target
  
  resources/app/out/WebServer/Brotli.Core.dll
- Size
  
  34KB
- MD5
  
  2a8490f29080c52cbc568d9b94576546
- SHA1
  
  41ccd7efed8251f72b43bbce0535769eab9cdbe7
- SHA256
  
  7a6cf5dd3835ff3f94c59a55bb97fb8d84277b87f2b3ca4a3486774d802f6350
- SHA512
  
  821940342c0ba3359f1045f9145f9166c9b6c232aa41b378f44b9408d4857f4240647b016bcfab99315a97499528c369f2d2747135db4279f6fa21f372741984
- SSDEEP
  
  768:OCfRI1hznZLU/2u/lHlGlHlilHlGlHlXzom1WcoHcFfNu1nQ:XRIzznZLUOuM1Wco8F1AQ
Score

1^/10
behavioral27 behavioral28
- Target
  
  resources/app/out/WebServer/CBOR.dll
- Size
  
  189KB
- MD5
  
  7c32e2a519e373d2cde325e8fd484eda
- SHA1
  
  4338900f0cf49377bacb951a4998e0a85cb49135
- SHA256
  
  a047b48d17f1557df6e354a18a4a55c43e157aab467e786a07ddb8e39a1be17b
- SHA512
  
  9b77bde26e5c5190ff6a928b71d9ca0c9021b6b04f585320a1f6c351472bd60b0458e999cfd1cb85b71b7fce783fdb732891786aa0229021bdf84206e86bfc27
- SSDEEP
  
  3072:WWOllz/RLS7ICDw3cnRfpqvH7LA4aeDphzEFCFJUNtYkoQsBAILhC:gEIzFvHImJL
Score

1^/10
behavioral29 behavioral30
- Target
  
  resources/app/out/WebServer/ClientApp/dist/assets/monaco-editor/min/vs/base/common/worker/simpleWorker.nls.de.js
- Size
  
  869B
- MD5
  
  b7f50a746a86a8e36913445417f54c61
- SHA1
  
  4ecee5a19ffd2adcf17dd3896f36bc32b98d1b4e
- SHA256
  
  7fa7993d27d6eaad13657447247f4eb772839b35d1ae703052b1b3eb34d66b97
- SHA512
  
  f8c7ac282f88ea1d2b6cbe1e145837051f6bbe4e131e8ba8d25939cac2558b8be86c1e119f3b9e3582e44d63a170c4275c4a223c6e68d4c0520d12358ae6338d
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32