4f471d819a663b4bd351a0b404286b70537abd2650abdb1de1fa834c74b7016e

Sharing

Copy URL

Twitter E-mail

General

Target

FRIDA_V1.zip
Size

5.0MB
Sample

240921-xtsmasyeqk
MD5

e0e3cb98a247371e980a2d5e723b34b6
SHA1

e55321a66481962fba43689ca9db1f34cb13bce0
SHA256

4f471d819a663b4bd351a0b404286b70537abd2650abdb1de1fa834c74b7016e
SHA512

016beff2419e1a726a34915ae4b0b478f03aaf3d1e10eff4c0669c21229cf08a4d5a3207cc4b8450b5925d5ecb95086fc8e39836dd2645760d538ff578134950
SSDEEP

98304:S2hRkW+gus0V/i4f4S0zQUIvpeAnAg8CoepesmFwKbgxferJ:S2hRkWR0VJf6QpB7/LojpFwK8xf0

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  FRIDA_V1.zip
- Size
  
  5.0MB
- MD5
  
  e0e3cb98a247371e980a2d5e723b34b6
- SHA1
  
  e55321a66481962fba43689ca9db1f34cb13bce0
- SHA256
  
  4f471d819a663b4bd351a0b404286b70537abd2650abdb1de1fa834c74b7016e
- SHA512
  
  016beff2419e1a726a34915ae4b0b478f03aaf3d1e10eff4c0669c21229cf08a4d5a3207cc4b8450b5925d5ecb95086fc8e39836dd2645760d538ff578134950
- SSDEEP
  
  98304:S2hRkW+gus0V/i4f4S0zQUIvpeAnAg8CoepesmFwKbgxferJ:S2hRkWR0VJf6QpB7/LojpFwK8xf0
Score

1^/10
behavioral1 behavioral2
- Target
  
  FRIDA_V1/FRIDA.exe
- Size
  
  2.7MB
- MD5
  
  d5c11a36e9e4884119a6b4232321da6a
- SHA1
  
  3338ae2ab742411b7814a2e3a9028a9bc7acb160
- SHA256
  
  d7d05a20cc39eae526250af106dfc1c78d7372d888dca5ce55011cd324ccb6a3
- SHA512
  
  834e9627588699e5446329381766c8ec8cff4a9f992c7333db3daf9cc328857666d0a6970401f431a9a3c2a419afdc1b7fb948640d9cfac7bbe575ca5d493636
- SSDEEP
  
  49152:llLn2as+45eUyqP3eYlgp1Ox+qLmrNqxGo5AtnM5mc9tgs91IYh6vv0/Ounq7rsI:llT2asfujb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  FRIDA_V1/Google.Apis.Auth.PlatformServices.dll
- Size
  
  5KB
- MD5
  
  924dbb831ddedd0df01baa98a24892dd
- SHA1
  
  ea41c62a9f17555dc73f0be7fe5061a29e485eff
- SHA256
  
  23a717af9de25b80f54274cb1075b931d2f857b774743e42dead8e5b320f61bb
- SHA512
  
  04053040451ddf264c904b49e8da695b72b9ba6b91a85f14d3e649ca3edd48a0263dd39f63d809c0a73bc1e9d93766b962e74075363d7208557d2e8d4a87206a
- SSDEEP
  
  48:6I+las4FIgRfWCly5J0nlAWt+M3mZLyJxUrpbJDItvyDtWDlitDdND02:eUIgwCl6elAkYLyJwxJV+MBL
Score

1^/10
behavioral5 behavioral6
- Target
  
  FRIDA_V1/Google.Apis.Auth.dll
- Size
  
  157KB
- MD5
  
  c90aab36f77d1f27b8841e235b68bbf8
- SHA1
  
  48c1016016f069a99077ff491dac82236713c0b9
- SHA256
  
  3634a74a08284bb774ea77291a6c0172cd95cd70e07231692743e47e6f09e0a0
- SHA512
  
  bb8723589cbcffc1d47c4126d9563e5bd01f646b2f22bcebafac418fa62a586be3374dc4652d1f291d6fa3ec9249a781325c5e570304fe1b1703e79753b57f5f
- SSDEEP
  
  3072:cTf0pNP2cMiMeaBjNLFz84DuNovKGr2rQBQYlMZOHXvvislNDFBhRAkj1U4UCQyn:LpNTzMeCsNoyGr2rQBQYlMZOHXXDBAaK
Score

1^/10
behavioral7 behavioral8
- Target
  
  FRIDA_V1/Google.Apis.Core.dll
- Size
  
  75KB
- MD5
  
  d1119f290f161596d4701931565e507c
- SHA1
  
  79dd1a439736cf09ba1798a893f44ca17f4c1f21
- SHA256
  
  5b2dc4e8430decf64202fdc2e51c93b9f643efcfd5d493ce39680bc74d374ab1
- SHA512
  
  dd3a8fde4d31ac9b2b70c092a586959a3bbfda21fd9610bb025ea93b414d1acbfc77d67b12f72aa49b3021312e8d700361cf077ec024d3d109770bbc5d4e3a21
- SSDEEP
  
  1536:TwH0UUupllWltocegK8Xw2uzatlHgakolJ2BRG5J:Tw/llWltlZuzklHgakolJ2BR0
Score

1^/10
behavioral10 behavioral9
- Target
  
  FRIDA_V1/Google.Apis.PlatformServices.dll
- Size
  
  4KB
- MD5
  
  255c82bc5baf108b66d5ca6943641686
- SHA1
  
  8736cecd5e21ab7eff76e20077922eb56ebc4715
- SHA256
  
  a02d99a2c8927f0aebb6caf0fc47d9c2de10931ade370319844c0eb661bdbdff
- SHA512
  
  8cf031bb8a7ae963d39998491103dee4e93d07b676deaae142949acfd1d51e1fe02e86d2c7425cb5621f352a1fea73bd5771f08450c54a10c3a69a25d9128666
- SSDEEP
  
  48:62X8+lIzobWNlTqUgJl9QAMHrLybtPiIIqzRqjtdDRt2yD7fDjactDVmNDe2:7NClNlTSJlKfLybtKIPAjtxHBBVc
Score

1^/10
behavioral11 behavioral12
- Target
  
  FRIDA_V1/Google.Apis.Sheets.v4.dll
- Size
  
  216KB
- MD5
  
  96b0117b4c3dd4f11995df15bc1411de
- SHA1
  
  ba2c499d2d08ec98daeffa11570772ea67e0f724
- SHA256
  
  bfe14896b13d8e5a3e015fd5577d5be13dbd7169b537b66945b7d687bea78cc9
- SHA512
  
  7b744b3a074cff453fe08c52c245301988f3297b5ea6f65eccc255259be32948470cd15297a6eeb6d2464e16e76da2814a567fec17f68754221cd8b467ccf0b9
- SSDEEP
  
  6144:vph+ZVAM7ugLPnjt7L3MuZ8hEy7/r/z5jxWgDlGhkTI:RaNbpnlOhEyvWgD0EI
Score

1^/10
behavioral13 behavioral14
- Target
  
  FRIDA_V1/Google.Apis.dll
- Size
  
  79KB
- MD5
  
  4c94cb708f8269472400c459a68d03be
- SHA1
  
  545275256445bd399eb081d6185bc65659276e6c
- SHA256
  
  53deae0d9b9412a46fd2ca420715828225cdf5c50e72f0a56adf0ac9102ecb28
- SHA512
  
  936a8daf6d48d63c6c15870389af877e6d9b4e556cca488fc5f4be4842432fe8304116479377525260d762fed735e6d2ad51eb6d9854f716e3ca426d6e22676c
- SSDEEP
  
  1536:4ocFietZxqxs7SpYeIgwO6nCFWD4XcrVZ2rCjz:4oLS7SuhCQ4SVd
Score

1^/10
behavioral15 behavioral16
- Target
  
  FRIDA_V1/Microsoft.Web.WebView2.Core.dll
- Size
  
  387KB
- MD5
  
  815cb3ee96128dbced59c32dd56cb43d
- SHA1
  
  6a36baacd83f14b8c191cc99352925649fee5b21
- SHA256
  
  f351435147bd9c6f70d9704ca1de3f170234fa9ccc536f1ac736c1c9bd20dcc3
- SHA512
  
  cdba6a0b24d9a12e9c40ac9ecbc0319f82392c62c1c23db674f0fe361862c1ab4b68f9f4c2a8e47dc6fb88132ec862338285730a86c15074df0d5f28ab018716
- SSDEEP
  
  12288:N6edSrB3qwo+cRMfe1+imQ9pRFZNIEIElxPrEIvLcgMwCepM1SVUhLQz3Qs1hPr4:NS
Score

1^/10
behavioral17 behavioral18
- Target
  
  FRIDA_V1/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  36KB
- MD5
  
  25b4f30bc10adf5f1f2304e2f17a9abe
- SHA1
  
  e3bba84fe3fa8bb414809da134194733fedf1371
- SHA256
  
  41e75eae9d79b33254fcff4f147f1bc905363b6faf9e94e22a9fcdfbbf398532
- SHA512
  
  d89520f2418349c0df358e2732374c15c9ba51b27b357ad2c74e3ff75b6fea299422b40bb5134ba73a9dc478098679ee45642fb1ac1974d4a773d6d1e35a99b8
- SSDEEP
  
  768:L4LW9FLsHv+4wu+BtCZDgcES5P4Jjrjh2jmSgyauTv1JKa5/Zi/WGcKiu6b0tC/a:L4L9H3wLBtCZDgcES5P4JjrjamSgyau8
Score

1^/10
behavioral19 behavioral20
- Target
  
  FRIDA_V1/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  42KB
- MD5
  
  ab58712264987756c636064f5f6484a7
- SHA1
  
  cf476235e1a0816314c2e7539e712a0feebb3437
- SHA256
  
  e0f391bb35f8b954fb8e816a177bdd491c15bb0c1480fa0a6fad0b3224144681
- SHA512
  
  08995e01b47c76a0df04347ce2c8ebcf12cd0f81dad9f10caa3ca5512e10156ddf7ed5588ef5ba895d06ff668321a9374f3e706a6b8ed92276cea3c900b15835
- SSDEEP
  
  768:vWIZjYgjUpyyBUZ8zDP/ryEH0yBO4JjrD1h2jU3UR2vkq7FKKa5/Bi/xGGvoh70N:uZg22Z8zDP/ryEH0yBO4JjrD1aU3UR2T
Score

1^/10
behavioral21 behavioral22
- Target
  
  FRIDA_V1/Microsoft.Win32.Primitives.dll
- Size
  
  20KB
- MD5
  
  76b8d417c2f6416fa81eacc45977cea2
- SHA1
  
  7b249c6390dfc90ef33f9a697174e363080091ef
- SHA256
  
  5eaa2e82a26b0b302280d08f54dc9da25165dd0e286be52440a271285d63f695
- SHA512
  
  3b510cdc45c94be383c91687c2cb01a501ba34e3fbb66346214fc576d6f0e63c77d1d09c6419fc907f5b083387a7046c0670377ad2e00c3ec2e731275739f9c7
- SSDEEP
  
  384:/N9VWhX3WsQBm0GftpBjvmaQHRN7YlgaGn7rJd0:1GmViYL0Gff0
Score

1^/10
behavioral23 behavioral24
- Target
  
  FRIDA_V1/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral25 behavioral26
- Target
  
  FRIDA_V1/RestSharp.dll
- Size
  
  186KB
- MD5
  
  43c1ed4d9aabd6855dda3aecb8c6bb19
- SHA1
  
  a9613f628bc583646328f15cd6dfc7ff03c69e00
- SHA256
  
  76dce25d4a5ae6de4ce4baca0f8c59b0bf239dd856e1583439c3f49ebac69c50
- SHA512
  
  c80cdccdc056ce5bd5e9bbdb56f1cb693180d6fa7796afd0cfa14327685a0f4f72eeed5f7ba4ac133aad980f48d16139599a83974ac0011d1c91cbcbafefc842
- SSDEEP
  
  3072:cjxBes/ns/wY0+ul7rtWsWaBUBADJoqRmmBktqwhLJ19t:Ajn8rulXtRWWDSqe
Score

1^/10
behavioral27 behavioral28
- Target
  
  FRIDA_V1/System.AppContext.dll
- Size
  
  20KB
- MD5
  
  8cc4c7dfeb41b6c227488ce52d1a8e74
- SHA1
  
  93702135db0646b893babe030bd8dc15549ff0c2
- SHA256
  
  9dc115ac4aadd6a94d87c7a8a3f61803cc25a3d73501d7534867df6b0d8a0d39
- SHA512
  
  e4da7e3ae5ca31e566ea0475e83d69d998253fb6d689970703a5ad354a2aad1bb78d49a2c038f0a3c84a188d091696191b04e4a39253deb3b6cb310b72f02f97
- SSDEEP
  
  384:uDNxWQFW5+109m0GftpBj9yaQHRN7SAl78oSwDnu/L:uDNV+Vi+LSyaw6L
Score

1^/10
behavioral29 behavioral30
- Target
  
  FRIDA_V1/System.Collections.Concurrent.dll
- Size
  
  20KB
- MD5
  
  559c98eb9633c7ba1bc813f8e6e0e9a5
- SHA1
  
  311f52b31611e6dc5fd4c0159bfa452c22980ca7
- SHA256
  
  cc62f3b867d50083c2932061f20662c698d2e1a741c4d2f9df1fd2d435e3ef3c
- SHA512
  
  e241c16869d1cdbb2c6482a7c5b2af93de4ba0cef8185b8826eee35ecb174f35f7585c8ae0320f7f4f6b80f3bb5b3edae2383760f2f35637f03c3a0e38e0875c
- SSDEEP
  
  384:Jm2igOWnW8rWwvT1Dm0GftpBjVjaQHRN70lxBGDD:5t/1DVinjLSMD
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32