Overview

overview

7

Static

static

3

....rar

windows7-x64

3

....rar

windows10-2004-x64

3

Catto Boi ...na.exe

windows7-x64

1

Catto Boi ...na.exe

windows10-2004-x64

1

Catto Boi ...le.dll

windows7-x64

1

Catto Boi ...le.dll

windows10-2004-x64

1

Catto Boi ...ev.dll

windows7-x64

1

Catto Boi ...ev.dll

windows10-2004-x64

1

Catto Boi ...ta.win

windows7-x64

3

Catto Boi ...ta.win

windows10-2004-x64

3

Catto Boi ...66.exe

windows7-x64

7

Catto Boi ...66.exe

windows10-2004-x64

7

Catto Boi ...ER.exe

windows7-x64

7

Catto Boi ...ER.exe

windows10-2004-x64

7

Catto Boi ...XT.exe

windows7-x64

7

Catto Boi ...XT.exe

windows10-2004-x64

7

Catto Boi ...am.exe

windows7-x64

7

Catto Boi ...am.exe

windows10-2004-x64

7

Catto Boi ...sh.exe

windows7-x64

7

Catto Boi ...sh.exe

windows10-2004-x64

7

Catto Boi ...ut.bat

windows7-x64

Catto Boi ...ut.bat

windows10-2004-x64

Catto Boi ...y!.txt

windows7-x64

1

Catto Boi ...y!.txt

windows10-2004-x64

1

Catto Boi ...o.hook

windows7-x64

3

Catto Boi ...o.hook

windows10-2004-x64

3

Catto Boi ...on.ico

windows7-x64

1

Catto Boi ...on.ico

windows10-2004-x64

3

Catto Boi ...n2.ico

windows7-x64

1

Catto Boi ...n2.ico

windows10-2004-x64

3

Catto Boi ...n3.ico

windows7-x64

1

Catto Boi ...n3.ico

windows10-2004-x64

3

Resubmissions

08/06/2024, 17:43

240608-wa3sgseg52 3

08/06/2024, 17:38

240608-v7qzhseg38 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ....rar

  • Size

    67.8MB

  • Sample

    240608-v7qzhseg38

  • MD5

    7cc83efa44efd49715525d157488ec0c

  • SHA1

    40da7ba8b2b5fe911c634f0f675a75ba54db0d14

  • SHA256

    c588680b751d0c61e0cb068db13b7866d220bbf342e81ea9802939e167f5db29

  • SHA512

    6ab335cae9044ca573bdfa6ce23c23ed6660f6adda207804720dd7fa07b459ffe2e48ddc4ca0b0a10f42c37c651ed156c52ce5f0104897fb175adc5f48a49ca5

  • SSDEEP

    1572864:XDMqOXLnmVDAK8LDjkINDqrkHxabfdPIbULPXHYwCkB+ifju2l4j5wvgGmnQ:gxTTklr4QdPLP3YwCk0ibuvGIGf

Score
7/10
ransomware

Malware Config

Targets

    • Target

      ....rar

    • Size

      67.8MB

    • MD5

      7cc83efa44efd49715525d157488ec0c

    • SHA1

      40da7ba8b2b5fe911c634f0f675a75ba54db0d14

    • SHA256

      c588680b751d0c61e0cb068db13b7866d220bbf342e81ea9802939e167f5db29

    • SHA512

      6ab335cae9044ca573bdfa6ce23c23ed6660f6adda207804720dd7fa07b459ffe2e48ddc4ca0b0a10f42c37c651ed156c52ce5f0104897fb175adc5f48a49ca5

    • SSDEEP

      1572864:XDMqOXLnmVDAK8LDjkINDqrkHxabfdPIbULPXHYwCkB+ifju2l4j5wvgGmnQ:gxTTklr4QdPLP3YwCk0ibuvGIGf

    Score
    3/10
    behavioral1behavioral2

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/Catto Boi Tuna.exe

    • Size

      4.8MB

    • MD5

      04ffc9acd7b43a93b76ba1d4ea559eb5

    • SHA1

      a50510d281b9a8634ad9b8c8b05c8d00c6a18a23

    • SHA256

      c172f666636a38790e175eef2040ddd87536959640aed6f7fb160574e345c20e

    • SHA512

      9a5678ec461456cca6179afaab8da461a6ce9507e3883f97b426f319c6c861d4e1898f14b019defb304c11215fa13645176a08f7bc41a4002a6142c75c944f84

    • SSDEEP

      98304:LiQuE42N00DQDHO/sc5yor5Cvpau8tYVKAfz61ca9BsC9nAMS8QVju:LRus00DQDHO/sc5yor5CvpawVVr6d1AU

    Score
    1/10
    behavioral3behavioral4

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/DialogModule.dll

    • Size

      192KB

    • MD5

      315621a0f77410772985e1d2bad2c36e

    • SHA1

      9e377910301ef4cedd3f5ccd1fa6812b63a7a8f0

    • SHA256

      ccce3ddf96d2f38aa63608d843dda7fc89914f7b9189fad6de720c4d83947369

    • SHA512

      aef4b458a6a08bc064e83ca56ec7cf7ec591d3b04d7d8fea635a5ba3e23d7d88d4f8828817d884f3687f56c92ce761fda75beb984b2f593f82f513a81f9d5b2a

    • SSDEEP

      3072:qJ2m/HeAHxREEP8UVhtmJFFGo4qN/ksOJQatsmmYXmjRjUnZoondKSo6v10m4k3Q:qQ2V87jv/0xtsJDjiZpxV49rViE

    Score
    1/10
    behavioral5behavioral6

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/GMS-WinDev.dll

    • Size

      85KB

    • MD5

      fb1e3cb9d7fff99956c96baf742dbf6f

    • SHA1

      65777480cd33d413bcee7bef89a2be8827bc0b29

    • SHA256

      fc86c4f3e9bcb57928cab5ebc43c99093b78c97246d400447aa1b4a5bd524266

    • SHA512

      512b60c28de4e0d591d72086009396439d1f7635c3c2aab04d0a30398b0f1db8dc16c4baf1ccca32233783482aff3bd39bd8e6888c49ec715bda3c1895a9e136

    • SSDEEP

      1536:VPU8NF9DVMY3UWuFw1LLzhuw0+XA3tJqUsWiJcdAGCKyAP8NqM:Xqy3uw1LLtnKNADrAP8NH

    Score
    1/10
    behavioral7behavioral8

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data.win

    • Size

      61.0MB

    • MD5

      f25ece661a115d5e3cfb04232d43ee29

    • SHA1

      3dac076328967de109ab0ab1e734780ed6bc59e2

    • SHA256

      018827f57b5cd4309afd6c3abd45820af380a6ecaf24e11ee24eb2bcb9f4a9c4

    • SHA512

      c3d3ebe95151af82f8c7f5ed21015edad5619e32d794536be5e7b1a8ed7de12ed995b74e5aed08e336e7c380fb4c115753e27057e5d96dab7411381b3acc1f10

    • SSDEEP

      1572864:zVG3OzeZo5tprBjMv+wWmsxhM3yPilRs2:4qmqBgEmsxGCPs

    Score
    3/10
    behavioral10behavioral9

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/666.exe

    • Size

      11.0MB

    • MD5

      18dca83e64850e0c1b7f59bbb451ae66

    • SHA1

      fcf49020b5aa1fbc587d1145b85c476917fd511f

    • SHA256

      cef35d45c1b59f7e6e012e062fc42d4ac50a0587a894e85516c637beda7e4c79

    • SHA512

      710826e51dbdbf5b7d156963590d10b1b7773beb95cc0ba6902b45c210ce828fe3d877a1e97419af6184a5e7bc243ba9c096916a9c2b0b40e242c196c76ff346

    • SSDEEP

      196608:qMlbs5/EJmT7YUXyp0dT5nhJemCzIAqThA4RyvOBRqlQb:qYY/EoT0+dT5hAmxhThACqlC

    Score
    7/10
    ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral11behavioral12

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/SUFFER.exe

    • Size

      4.8MB

    • MD5

      b93f0fdef2e98708b65dcfe6d36bc36d

    • SHA1

      c5666b3b6118224901f776981e3d76ad917e5d2d

    • SHA256

      12343e02b9327b0dbdbb0b8104852b361694d1faedd9e1b3601cd72e53b4e729

    • SHA512

      14541f7ea036a6ad4f754580c3b14175f34b70088ab8029d7ba248a522f150c37b0e7b922805ffa333a4f0a39f028b2c1e526370c828a5486e66560fde24d747

    • SSDEEP

      49152:vyMNKCjv1gb3MSLBGkzFApTKjiFF5gLtuiRDlTr6TqLirf/fV083v5ZEk/GsMAuc:vyMNL76YkzFSKeVgnOfa83d+syvDIx

    Score
    7/10
    ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral13behavioral14

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/YOUARENEXT.exe

    • Size

      4.1MB

    • MD5

      d0782e1fb1f5eb6505645376fe9c9dff

    • SHA1

      c241e2fd7c27cfe41e7445ea656a5135a083e451

    • SHA256

      5a611980bb13dee680aa9564bb1278c664a98b9884be0baf9bb2a8ed2cf8c227

    • SHA512

      c67e336400ca65e869c38246b51aaa93f48525cba15ce9eba5e22a85bc53c612eb833cf11eda3382176520d61587c42a4148d0b4bb48337612cd33cd41add7a0

    • SSDEEP

      49152:vyMNKCjv1gb3MSLBGkzFApTKjiFF5gLtuiRDlTr6TqLirf/foK5Vem:vyMNL76YkzFSKeVgnOfxGm

    Score
    7/10
    ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Sets desktop wallpaper using registry

      ransomware
    behavioral15behavioral16

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/mouseSpam.exe

    • Size

      4.0MB

    • MD5

      9edf591b35e0fa17d66dd6a8e5897254

    • SHA1

      5cb3ee69e23325874185ea305e786bea039014c3

    • SHA256

      be69f080c3b0ba00881f41b6d5d7a2ac895eb8523ee6bdd7b33424be86982ff0

    • SHA512

      2a242063bca34dcb6ff206c11ee17a2316d2cd74414bd7009b63c43a6e84986c76cebd8ec0003703b564278ce4d8d9816ca55effb08ef004c1efabd1b9c5b825

    • SSDEEP

      49152:YyMNKCjv1gb3MSLBGkzFApTKjiFF5gLtuiRDlTr6TqLiruufH3n8qFfaw:YyMNL76YkzFSKeVgncfHvfh

    Score
    7/10

    • Loads dropped DLL

    behavioral17behavioral18

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/punish.exe

    • Size

      6.3MB

    • MD5

      3c85fe9ffa7efd2f383408274c9ef577

    • SHA1

      3e4501290c228e8f61495ceb68ea00b4dd5e6f7c

    • SHA256

      fbb4647e503f80cc2968ea8a0ac612f7d0a9a4dff7f380d14a9730f2a9e1b573

    • SHA512

      e46e3f640e370e27547edb9871e71fa6579cd6856e5b478b1ec5d39677335c745085fa9776de887227afd757a5fdc3257378a13a6b44ef2b5d9607e69dcfc908

    • SSDEEP

      98304:vyMNL76YkzFSKeVgnJfmc6CFYJa/8VOIpPWTQF/X:qMlbs5m7QqWLiPWTQF/X

    Score
    7/10

    • Loads dropped DLL

    behavioral19behavioral20

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/exe/shut.bat

    • Size

      28B

    • MD5

      15fdc55e9e8b1f0ac3f74108692baa36

    • SHA1

      c5c6bcd7b0c2db0f5c5368c5f4dde13f7ced2e7c

    • SHA256

      1c781f302420d20f326372c5c1c8adaa77a5e2c64fa83d0d59e10b4e25ad3b72

    • SHA512

      f872613bd06bb710c4f9451996cfd49451bb7e359604c247085d0cfff6d0518181d367629762db458b236b1d12ed85f3367c914da512886e028f0502aa28e0c2

    Score
    1/10
    behavioral21behavioral22

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/hey!.txt

    • Size

      59B

    • MD5

      5392487405b451378cecf85563e9a6f1

    • SHA1

      ea0a42e3cd21c70871cde50f55ddbeef0001e00c

    • SHA256

      d9a98c3d106467b67e62553c18b3fa77e70afdcb5205617a246191150bf33dac

    • SHA512

      e8d4fada7520817639d95029fca2cc79c3e6656b12b1743dd63bc908c4c9a20da6e1aa7d37ec476ca93da71d61bd8e859734dfce74544a41f8b822d416618773

    Score
    1/10
    behavioral23behavioral24

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/hooks/catto.hook

    • Size

      8B

    • MD5

      b6ccb4ece5454dcae51778b3e239ebc2

    • SHA1

      fae77458b7b33db3051840be61ddb131470bb961

    • SHA256

      ccd758e72a8a8cb5f140bab26837f363908550f2558ed86d229ec9016fed49b9

    • SHA512

      de4c2ff99fb34242646a324885db79ca9ef82a5f4b36c657b83ecf6931c008de87b6daf99a1c46336f36687d0ab1fc9b91f5bc07e7c3913bec3844993fd2fbad

    Score
    3/10
    behavioral25behavioral26

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/img/ico/icon.ico

    • Size

      50KB

    • MD5

      cc39960bc52d63f807891d75f57734c8

    • SHA1

      05eec0b50afd425af2ff55ae9321a80865e15533

    • SHA256

      921553107d6a6392dc5e7396ffe214ae6084f86610aa593bb1452f51ecd2165c

    • SHA512

      5e71be52c6473a42181293288afa01c3f08adf32c9f86c26fd982477eb2c1d048ab15107feb31980047c6dad4367f3b0deb6298cb05fb8592b2e059067c03a50

    • SSDEEP

      24:VWWWWWWWMtSSSSSSSEtZtZtZtZtZtZtZtZtZtZtZtZtZtZtZt9fffffffKfffffp:Qfffffff5

    Score
    3/10
    behavioral27behavioral28

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/img/ico/icon2.ico

    • Size

      12KB

    • MD5

      c2c83e167f5ab7cd7aaac483788093e7

    • SHA1

      e59095b716cc0fd0b8032e0571d149284d9c2908

    • SHA256

      0e94bb3f14f7f104322dda0ac140b9c371efb57eb0015452b422afbf94d7755b

    • SHA512

      e5eeba09ee5bf47b24d8927cd37ddf37df443a2baab1e9ae592ab892a14b7117a16863c0ce622100d473ff7945f8cf29c2ed46ff373ac7926610086d5b6a7d3d

    • SSDEEP

      48:kJ9N1edxXFC9g9gP07z/r326kespfJRfXRUv/FrpZecuViZLmOoXexgR:k5wxXh9gWm+mRRav/FbeeK1

    Score
    3/10
    behavioral29behavioral30

    • Target

      Catto Boi The Quest for the Frozen Tuna (04)/data/img/ico/icon3.ico

    • Size

      12KB

    • MD5

      ac7b73e66604bde3a362ed38e758af97

    • SHA1

      afeaf85cb6e97077a6565b01e13de8e4f7ea555a

    • SHA256

      aea9eeca0735462bf736521eb62673d28350709e27133a59dbf1fe35a58d7155

    • SHA512

      0c71ee2b646c4ba85e39c954fc7bdc0ed4bdae3f6c90a78ef2eb1b7144845078ca37075a2d015af203027f16e05b1eb631a94cb71afa46dce46be4e61d23a943

    • SSDEEP

      96:S5GToWQpLElBHcaJt+TmRtiqgQIkv/JVwQklpoj:sGToWELMHcaJt3UqgpknJgY

    Score
    3/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
7/10

behavioral12

ransomware
Score
7/10

behavioral13

Score
7/10

behavioral14

ransomware
Score
7/10

behavioral15

Score
7/10

behavioral16

ransomware
Score
7/10

behavioral17

Score
7/10

behavioral18

Score
7/10

behavioral19

Score
7/10

behavioral20

Score
7/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
1/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
3/10

behavioral31

Score
1/10

behavioral32

Score
3/10