Overview

overview

3

Static

static

3

FRIDA_V1.zip

windows7-x64

1

FRIDA_V1.zip

windows10-2004-x64

1

FRIDA_V1/FRIDA.exe

windows7-x64

3

FRIDA_V1/FRIDA.exe

windows10-2004-x64

3

FRIDA_V1/G...es.dll

windows7-x64

1

FRIDA_V1/G...es.dll

windows10-2004-x64

1

FRIDA_V1/G...th.dll

windows7-x64

1

FRIDA_V1/G...th.dll

windows10-2004-x64

1

FRIDA_V1/G...re.dll

windows7-x64

1

FRIDA_V1/G...re.dll

windows10-2004-x64

1

FRIDA_V1/G...es.dll

windows7-x64

1

FRIDA_V1/G...es.dll

windows10-2004-x64

1

FRIDA_V1/G...v4.dll

windows7-x64

1

FRIDA_V1/G...v4.dll

windows10-2004-x64

1

FRIDA_V1/G...is.dll

windows7-x64

1

FRIDA_V1/G...is.dll

windows10-2004-x64

1

FRIDA_V1/M...re.dll

windows7-x64

1

FRIDA_V1/M...re.dll

windows10-2004-x64

1

FRIDA_V1/M...ms.dll

windows7-x64

1

FRIDA_V1/M...ms.dll

windows10-2004-x64

1

FRIDA_V1/M...pf.dll

windows7-x64

1

FRIDA_V1/M...pf.dll

windows10-2004-x64

1

FRIDA_V1/M...es.dll

windows7-x64

1

FRIDA_V1/M...es.dll

windows10-2004-x64

1

FRIDA_V1/N...on.dll

windows7-x64

1

FRIDA_V1/N...on.dll

windows10-2004-x64

1

FRIDA_V1/R...rp.dll

windows7-x64

1

FRIDA_V1/R...rp.dll

windows10-2004-x64

1

FRIDA_V1/S...xt.dll

windows7-x64

1

FRIDA_V1/S...xt.dll

windows10-2004-x64

1

FRIDA_V1/S...nt.dll

windows7-x64

1

FRIDA_V1/S...nt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21-09-2024 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FRIDA_V1/FRIDA.exe

  • Size

    2.7MB

  • MD5

    d5c11a36e9e4884119a6b4232321da6a

  • SHA1

    3338ae2ab742411b7814a2e3a9028a9bc7acb160

  • SHA256

    d7d05a20cc39eae526250af106dfc1c78d7372d888dca5ce55011cd324ccb6a3

  • SHA512

    834e9627588699e5446329381766c8ec8cff4a9f992c7333db3daf9cc328857666d0a6970401f431a9a3c2a419afdc1b7fb948640d9cfac7bbe575ca5d493636

  • SSDEEP

    49152:llLn2as+45eUyqP3eYlgp1Ox+qLmrNqxGo5AtnM5mc9tgs91IYh6vv0/Ounq7rsI:llT2asfujb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FRIDA_V1\FRIDA.exe
    "C:\Users\Admin\AppData\Local\Temp\FRIDA_V1\FRIDA.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\FRIDA\FRIDA.exe_Url_iur0jfsbdwrrfula1tvcrbyhexw41sy2\1.0.0.0\user.config
    Filesize

    814B

    MD5

    3d98fe5f78acc73e0bab666d610901a6

    SHA1

    317c352f7dfdcd58d69392005df687ab10c4ac68

    SHA256

    f617cc50b9da4d16d0f6b9b3392e64c43bc128e90b0b87f721db840668c5192a

    SHA512

    1cb4b2ef893ae33a95eccab7357e0768b8bfa9e1d975ea3297bcf88ecfe230cc58a06e557dbfe036d1a476d2dfc166b3ec95cddc4842377781a438584e21c701

    Download Submit

  • C:\Users\Admin\AppData\Local\FRIDA\FRIDA.exe_Url_iur0jfsbdwrrfula1tvcrbyhexw41sy2\1.0.0.0\user.config
    Filesize

    940B

    MD5

    327b7d2c0a5b3dff8d721b0bb02c2a93

    SHA1

    fcb798ebe58ebee90f75e9ba89197b8fb3146166

    SHA256

    056bab358b547380399a07259e5fabd74d15eb95045b8ca04ec4daf57cf1c6cf

    SHA512

    5b03366d058143d811201149a5c3f57ed9744422cf5d65bf8ac1b0e760c259bd888a2e4abe80487c17e64042a625dd6826c92b90089a36a97c2a9bded6430022

    Download Submit

  • C:\Users\Admin\AppData\Local\FRIDA\FRIDA.exe_Url_iur0jfsbdwrrfula1tvcrbyhexw41sy2\1.0.0.0\user.config
    Filesize

    2KB

    MD5

    a28ae33cf719f87a04f5a6fac8a6b504

    SHA1

    3231b019aad59a03ed3d6a0cd6344abadf1974a0

    SHA256

    0c1ef389d8918a43b38447ca31a1037e968e8b795e1bfa881a81243b32455507

    SHA512

    088fa810d6129e87d7aa2bb741e9209d677937443b5cf0ccbf9e1bbed5e5e1f63d80979389a6299377060ebcf286e2184d679d2021ad0fe7dbdfb7b79bb94df4

    Download Submit

  • C:\Users\Admin\AppData\Local\FRIDA\FRIDA.exe_Url_iur0jfsbdwrrfula1tvcrbyhexw41sy2\1.0.0.0\user.config
    Filesize

    2KB

    MD5

    58888588e0a1200b25692a26f139c826

    SHA1

    ed62b3ca9e5a007f0d9a072d8295b9aba617a662

    SHA256

    4be52f2e33daffe486f1259ef837c2cee5d4ff80848bbde92c04b15ae318d57c

    SHA512

    75bad9e57ea56bb1fb4cf4d2e0eb10cea82763bf8f7bc9e964eafb83fea89baa27ecefd13b977d2457682520708d967b516f6a072a18783bd59b1ee11d9c8e6b

    Download Submit

  • memory/2740-8-0x0000000074C30000-0x000000007531E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2740-5-0x0000000000C30000-0x0000000000C94000-memory.dmp

    Filesize

    400KB

    Download

  • memory/2740-6-0x0000000004FC0000-0x0000000004FCC000-memory.dmp

    Filesize

    48KB

    Download

  • memory/2740-7-0x0000000074C30000-0x000000007531E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2740-0-0x0000000074C3E000-0x0000000074C3F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2740-4-0x00000000004D0000-0x00000000004EA000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2740-3-0x0000000000490000-0x00000000004CC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/2740-22-0x0000000074C3E000-0x0000000074C3F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2740-23-0x0000000074C30000-0x000000007531E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2740-24-0x0000000074C30000-0x000000007531E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2740-2-0x0000000074C30000-0x000000007531E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2740-1-0x0000000000CC0000-0x0000000000F7C000-memory.dmp

    Filesize

    2.7MB

    Download