169605839aebe681cc8f32304083932a0a710dad4d24c900a9dc17d92f6efd29

Sharing

Copy URL

Twitter E-mail

General

Target

sissss.rar
Size

6.4MB
Sample

240628-zec96svarm
MD5

19b8f95d9f53bdb62eb6a0c5c936922c
SHA1

a8a65ef399f0dab3db8a20da7f26a2e3f20bb42f
SHA256

169605839aebe681cc8f32304083932a0a710dad4d24c900a9dc17d92f6efd29
SHA512

968b2f984b75f9947768cd587409311cae0d0e4dae2e1575bd9e8df585fab6848dc1820d8de8b9aa39c98244de0acb82f90097e4ac4e4d4abb410ca5d4144561
SSDEEP

196608:rp7Z18iBSzA9tuKFddmGJfq9c1yvoOdR7:d7Z180SzKFd5FpPOv7

Score

4^/10

Malware Config

Targets

- Target
  
  FiddlerSetup.exe
- Size
  
  6.3MB
- MD5
  
  77a80b10028f9c800c5cbb5a80fde929
- SHA1
  
  7e8a8ce83bba6bec7b62cca06ae7680ef5c5ddec
- SHA256
  
  207e1a39c74a03ae535ad04fe74bc435baa777ecefaec95abe78664cd2b34690
- SHA512
  
  883600cb4d5114cef47dba6d7fde929c02f0f4d2baafa9dbb746fccfee92ebb6bfb02602e64dfb2c93b773abfdf8b49ac780b0c02414107761dd66e6999480bc
- SSDEEP
  
  98304:mIouszMd5OYRxqFu5rMnb8ELGUHjvYEarhIPAT99taafHOwRcxzv77Nd6fKnCKbX:FqzMSx3oohYTXt5WwREv77cKCKkBbYOY
Score

4^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FiddlerSetup.exe
- Size
  
  3.1MB
- MD5
  
  7e3090e237b9f252efc88d097f71ed47
- SHA1
  
  8a1cae86f421c4c74f7f543609826cfc472e5fa8
- SHA256
  
  91547aa10f5b4d1be95c7bfa289499ded2b65d1070ec6fce0208e61771df5318
- SHA512
  
  378d29ca00b73ff5b729d6bc39e63b61f833f7baad9d806db77ee7acab993b3b567f7e533aae2178bf8a9391bc8d205aadd72d75a29a71c0f2827196ff040afa
- SSDEEP
  
  98304:QIouszMd5OYRxqFu5rMnb8ELGUHjvYEarht:rqzMSx3oo8
Score

3^/10
behavioral3 behavioral4
- Target
  
  RunNsisUninstallers.bat
- Size
  
  334B
- MD5
  
  adedc0065e7ede15a0d8dab1c985ddee
- SHA1
  
  53803b6179deaded7c57606cea410de34bfcb301
- SHA256
  
  80d570928745176a574d82e45adb33dcab7fa68f80da07038c3da415c355463b
- SHA512
  
  b303123360d4c6ce787814376526ae5af035a0105fe2114d50fc9b8f6e5de8bac0db3de6a0756f6a53294bf6ec379c2ff034058eb84b2a1e510164bf816599a8
Score

1^/10
behavioral5 behavioral6
- Target
  
  ScriptEditor/Analytics.dll
- Size
  
  32KB
- MD5
  
  1c2bd080b0e972a3ee1579895ea17b42
- SHA1
  
  a09454bc976b4af549a6347618f846d4c93b769b
- SHA256
  
  166e1a6cf86b254525a03d1510fe76da574f977c012064df39dd6f4af72a4b29
- SHA512
  
  946e56d543a6d00674d8fa17ecd9589cba3211cfa52c978e0c9dab0fa45cdfc7787245d14308f5692bd99d621c0caca3c546259fcfa725fff9171b144514b6e0
- SSDEEP
  
  384:gpeCB0nVQ/EMq7+Zi9nQwnHgfLtVUEoBXejF6XFlnwnYPLYyTcGq1y2h33XcQ7:/U0VQMMrZi9QiHWtVxOFxwxGqXR7
Score

1^/10
behavioral7 behavioral8
- Target
  
  ScriptEditor/GA.Analytics.Monitor.dll
- Size
  
  52KB
- MD5
  
  6f9e5c4b5662c7f8d1159edcba6e7429
- SHA1
  
  c7630476a50a953dab490931b99d2a5eca96f9f6
- SHA256
  
  e3261a13953f4bedec65957b58074c71d2e1b9926529d48c77cfb1e70ec68790
- SHA512
  
  78fd28a0b19a3dae1d0ae151ce09a42f7542de816222105d4dafe1c0932586b799b835e611ce39a9c9424e60786fbd2949cabac3f006d611078e85b345e148c8
- SSDEEP
  
  768:7su21mzJ3+LDDke5WcsvOvHOQ+5bQZdKXJccxYi:7qmByvke5Wcs22QRGKLi
Score

1^/10
behavioral10 behavioral9
- Target
  
  ScriptEditor/QWhale.Common.dll
- Size
  
  192KB
- MD5
  
  ac80e3ca5ec3ed77ef7f1a5648fd605a
- SHA1
  
  593077c0d921df0819d48b627d4a140967a6b9e0
- SHA256
  
  93b0f5d3a2a8a82da1368309c91286ee545b9ed9dc57ad1b31c229e2c11c00b5
- SHA512
  
  3ecc0fe3107370cb5ef5003b5317e4ea0d78bd122d662525ec4912dc30b8a1849c4fa2bbb76e6552b571f156d616456724aee6cd9495ae60a7cb4aaa6cf22159
- SSDEEP
  
  1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc
Score

1^/10
behavioral11 behavioral12
- Target
  
  ScriptEditor/QWhale.Editor.dll
- Size
  
  816KB
- MD5
  
  eaa268802c633f27fcfc90fd0f986e10
- SHA1
  
  21f3a19d6958bcfe9209df40c4fd8e7c4ce7a76f
- SHA256
  
  fe26c7e4723bf81124cdcfd5211b70f5e348250ae74b6c0abc326f1084ec3d54
- SHA512
  
  c0d6559fc482350c4ed5c5a9a0c0c58eec0a1371f5a254c20ae85521f5cec4c917596bc2ec538c665c3aa8e7ee7b2d3d322b3601d69b605914280ff38315bb47
- SSDEEP
  
  12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB
Score

1^/10
behavioral13 behavioral14
- Target
  
  ScriptEditor/QWhale.Syntax.Parsers.dll
- Size
  
  1.1MB
- MD5
  
  9fe6e9cfedb661c61a2c70fa75008ec3
- SHA1
  
  0f6a0f4e7fc5552088d3f2dd0c0adf6f6c45b686
- SHA256
  
  acff23204982780d844f5b0cbfe0bf1849c1dfe782cb4084ba2bdc9bf53f026c
- SHA512
  
  a8864ee43628f667d6e0acf071fbba414ff768fe9dd302e6f9498432b3ce48a22deecfe438099a3caa684ad8e9588fae111de752c37c158eebd76e48ab67e02d
- SSDEEP
  
  6144:DDsAkHPWoMvThdMlLQtRZfScxaHrlXnp55VAWvRY02OCo6+shEd2qxrGa:DDs7uounM5WSNAG2otTh
Score

1^/10
behavioral15 behavioral16
- Target
  
  ScriptEditor/QWhale.Syntax.dll
- Size
  
  228KB
- MD5
  
  3be64186e6e8ad19dc3559ee3c307070
- SHA1
  
  2f9e70e04189f6c736a3b9d0642f46208c60380a
- SHA256
  
  79a2c829de00e56d75eeb81cd97b04eae96bc41d6a2dbdc0ca4e7e0b454b1b7c
- SHA512
  
  7d0e657b3a1c23d13d1a7e7d1b95b4d9280cb08a0aca641feb9a89e6b8f0c8760499d63e240fe9c62022790a4822bf4fe2c9d9b19b12bd7f0451454be471ff78
- SSDEEP
  
  3072:Ns/3b/8FpHf3kBFcCsbfqai2/8Fjitdmus95jMRrgk+vWZYz39dHiB796k9gR5+r:NQLa/kBFcCsbfRgzM07XGk+V
Score

1^/10
behavioral17 behavioral18
- Target
  
  Scripts/FiddlerOrchestra.Addon.dll
- Size
  
  51KB
- MD5
  
  3cded1ca2097f4f6ce8ded0add3b3f22
- SHA1
  
  399f8596b2a282fba64accef4af4a89d914640dc
- SHA256
  
  4e0e01a7a2fad783dffb80ca199ee0407725a73d6d4222a5e9d528b9578e1288
- SHA512
  
  74eb04e25f6b7d0082d09c6ba0848cb1dcccc98515ecfea8a0427b9fb71652ce920cf1f058d0cf1a108608d54376b27bd08044b78bd7a6b066071a1645d5e598
- SSDEEP
  
  1536:HA36xjEI08WCNVTPHjdvwrQhddF/dFuffaJ:HA362I5WCNteUrdF/dFuffaJ
Score

1^/10
behavioral19 behavioral20
- Target
  
  Scripts/FiddlerOrchestra.Connection.dll
- Size
  
  1.7MB
- MD5
  
  a5d3aea3abaf461b4ad2443573cc5509
- SHA1
  
  1431a3f5ff9c5182fa22c4445686b2dbb8026272
- SHA256
  
  f63f4e524e6c3868e1fe2e660b245da25b7159b60fc9092a4f32f90d5633c775
- SHA512
  
  1662fce42fd8573ac5083dd98fd33002f3cc2bce895a9d51c76e4830196968ed6171d30cc5e293b1a75a2a138244ca07347a0f43ad3504f14a1b9af500844363
- SSDEEP
  
  49152:1fSFIBE1MOwmkAmcECIvCH83xlQbkkoKsit:mIK1MOwmCit
Score

1^/10
behavioral21 behavioral22
- Target
  
  Scripts/FiddlerOrchestra.Protocol.dll
- Size
  
  23KB
- MD5
  
  04b7e5ebb82798a3a07eb8f4cd658228
- SHA1
  
  855fc43c08e7d2f568ae7e8a15f24ac7d8475fde
- SHA256
  
  449effe1d5f6f5dd5819811dddf233dc1b53a9a019a80db71706b80347584425
- SHA512
  
  fab03af027e5d25399dfa66de66054a643ee9a1161422a3072e8209ad66484384cd0b791373c609ff3daf60403b02bf0411c863b145b816aae8f6fe5dac181c1
- SSDEEP
  
  384:7DboBjiEBhJxu9K3nrSnYPLLR/XF8b/jR/XFYInIufeday:OE9AnWKdF8bbdFHnJfKay
Score

1^/10
behavioral23 behavioral24
- Target
  
  Scripts/FiddlerOrchestra.Utilities.dll
- Size
  
  19KB
- MD5
  
  620585edf86bd65b252d085cf65b52ce
- SHA1
  
  5a8f55d37d965f4d102a2c47303bf0adb139b3da
- SHA256
  
  51c4b44ddf79b3d5293180d2ea29e28200b1adc077129a5812a94fa6506ade71
- SHA512
  
  ee200183adf92680f7c5c1318510960952611deddafeba38c53aac6ec379fed75864a803441c815e4dd83bbb888ada3286075cc1c477fa2e9737d9f9e51a12b9
- SSDEEP
  
  192:0AYDNZmUT6oO6+0EgwVzOw8Ddb63rlxnYe+PjPLncjW/Xa2wImx/ncjW/Xa2w8MH:054rVt+63rvnYPLLR/XFyR/XFGeXikfW
Score

1^/10
behavioral25 behavioral26
- Target
  
  Scripts/QWhale.Common.dll
- Size
  
  192KB
- MD5
  
  ac80e3ca5ec3ed77ef7f1a5648fd605a
- SHA1
  
  593077c0d921df0819d48b627d4a140967a6b9e0
- SHA256
  
  93b0f5d3a2a8a82da1368309c91286ee545b9ed9dc57ad1b31c229e2c11c00b5
- SHA512
  
  3ecc0fe3107370cb5ef5003b5317e4ea0d78bd122d662525ec4912dc30b8a1849c4fa2bbb76e6552b571f156d616456724aee6cd9495ae60a7cb4aaa6cf22159
- SSDEEP
  
  1536:jnPlSpsvrGlP3wYeBKpqmSNbgM9ZtZLZQErK3PmIDXRtFhCj6ocpjyc44lc:rlSpsnQCg4ZtZmECfRtF0cpjy94lc
Score

1^/10
behavioral27 behavioral28
- Target
  
  Scripts/QWhale.Editor.dll
- Size
  
  816KB
- MD5
  
  eaa268802c633f27fcfc90fd0f986e10
- SHA1
  
  21f3a19d6958bcfe9209df40c4fd8e7c4ce7a76f
- SHA256
  
  fe26c7e4723bf81124cdcfd5211b70f5e348250ae74b6c0abc326f1084ec3d54
- SHA512
  
  c0d6559fc482350c4ed5c5a9a0c0c58eec0a1371f5a254c20ae85521f5cec4c917596bc2ec538c665c3aa8e7ee7b2d3d322b3601d69b605914280ff38315bb47
- SSDEEP
  
  12288:vC84TFHhCRR87er17m62l/YpMVuRWGoN0ty6B:vC9T+R87er325wMVuRaGtPB
Score

1^/10
behavioral29 behavioral30
- Target
  
  Scripts/QWhale.Syntax.Parsers.dll
- Size
  
  1.1MB
- MD5
  
  9fe6e9cfedb661c61a2c70fa75008ec3
- SHA1
  
  0f6a0f4e7fc5552088d3f2dd0c0adf6f6c45b686
- SHA256
  
  acff23204982780d844f5b0cbfe0bf1849c1dfe782cb4084ba2bdc9bf53f026c
- SHA512
  
  a8864ee43628f667d6e0acf071fbba414ff768fe9dd302e6f9498432b3ce48a22deecfe438099a3caa684ad8e9588fae111de752c37c158eebd76e48ab67e02d
- SSDEEP
  
  6144:DDsAkHPWoMvThdMlLQtRZfScxaHrlXnp55VAWvRY02OCo6+shEd2qxrGa:DDs7uounM5WSNAG2otTh
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32