16d20e080a12c08cc0c87963e0b9983d21775b83f1469f40991c894c77fc7625

Sharing

Copy URL

Twitter E-mail

General

Target

animalsimscript-main.zip
Size

30KB
Sample

240908-x6t1wsvamd
MD5

e215b73c115b3107eb5a0f0cb80acceb
SHA1

6a3b902f44602d28c28b65297db7e38395866954
SHA256

16d20e080a12c08cc0c87963e0b9983d21775b83f1469f40991c894c77fc7625
SHA512

4e3459577bed0ed5203a0e9297b4d698121c84770b16fb4dca0f95321a02dbab573e5878df057d501023100302e3f14d503dff614b6ae28cdedb8cad9e3e1f47
SSDEEP

768:ju1owI3IJEwjlqF676HOjaCBZjxxnuGeBjsWvzF6763jaCBZdM2TL9yKACJ9vm/W:yFJbG9w1zxw9T1Iq9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  animalsimscript-main.zip
- Size
  
  30KB
- MD5
  
  e215b73c115b3107eb5a0f0cb80acceb
- SHA1
  
  6a3b902f44602d28c28b65297db7e38395866954
- SHA256
  
  16d20e080a12c08cc0c87963e0b9983d21775b83f1469f40991c894c77fc7625
- SHA512
  
  4e3459577bed0ed5203a0e9297b4d698121c84770b16fb4dca0f95321a02dbab573e5878df057d501023100302e3f14d503dff614b6ae28cdedb8cad9e3e1f47
- SSDEEP
  
  768:ju1owI3IJEwjlqF676HOjaCBZjxxnuGeBjsWvzF6763jaCBZdM2TL9yKACJ9vm/W:yFJbG9w1zxw9T1Iq9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates processes with tasklist
  discovery
behavioral1
- Target
  
  animalsimscript-main/App.config
- Size
  
  189B
- MD5
  
  9dbad5517b46f41dbb0d8780b20ab87e
- SHA1
  
  ef6aef0b1ea5d01b6e088a8bf2f429773c04ba5e
- SHA256
  
  47e5a0f101af4151d7f13d2d6bfa9b847d5b5e4a98d1f4674b7c015772746cdf
- SHA512
  
  43825f5c26c54e1fc5bffcce30caad1449a28c0c9a9432e9ce17d255f8bf6057c1a1002d9471e5b654ab1de08fb6eabf96302cdb3e0fb4b63ba0ff186e903be8
Score

3^/10
behavioral2
- Target
  
  animalsimscript-main/CLICK CODE THEN DOWNLOAD ALL
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

1^/10
behavioral3
- Target
  
  animalsimscript-main/Executor.csproj
- Size
  
  3KB
- MD5
  
  5f763bb866a241185a57fcdb83a77417
- SHA1
  
  a058fb939fd6b01b1718f82d4a493083827c6c54
- SHA256
  
  1e6d1542046e1dba40f6a9d79037cdf938373aab2c66e553b0b19eca32c27d9e
- SHA512
  
  f0c90b4393b8b28262d4704147b74839d913652d6d59b3af763ab6b8d5802478c4ca85ccedb3e4899300d4575c70437a4be78950f303fba78be07d637b28368a
Score

3^/10
behavioral4
- Target
  
  animalsimscript-main/Executor.sln
- Size
  
  1KB
- MD5
  
  4e7576a016dc70f52f9dd9a7d3a4eab5
- SHA1
  
  557ae902533b3ebcb636b9720a3d956b66e27df1
- SHA256
  
  cce7a2be8456245b7647c4b16097fe51fa9c9a646d0ac09c4f42a27619821d02
- SHA512
  
  76d919605e897753521967da8fa3566c1722200303599e0b8f502fb28a7bc2e2938a0bb3a13b971a3dd4f44dfd7ba4b724896a607390d5d6c79ec8f110c2f862
Score

3^/10
behavioral5
- Target
  
  animalsimscript-main/Form1.Designer.cs
- Size
  
  5KB
- MD5
  
  af93baab70752d0a82ab7a5e2d5afdd5
- SHA1
  
  b662355a4df3fed8ffbb74eef5e2922a978d5b63
- SHA256
  
  2550085b9ccfecc30c7cb888332af1615d8b54b406081482313f18864fcb2b9a
- SHA512
  
  02596b622b6a61e8cade3c3f40f410370d5ebc07148050394b2c638b4e3d96d98a204640b459843119becec67e6204c1673e5dcb461816a9648487347435abdb
- SSDEEP
  
  96:Mh2atwZTKzRG2rIG2RXPO3LY2uNG6y0AGn4qb2Ggz2XAGVDjuR8y+GN1l1g:Mwa+lGE2rB2RX23LY2j6yUn4q/gz2ZVV
Score

3^/10
behavioral6
- Target
  
  animalsimscript-main/Form1.cs
- Size
  
  389B
- MD5
  
  e14e8ae11dd225c02fcab402bc054b02
- SHA1
  
  499383e9a70234f3f7d4858ce121fb914a4ea1ea
- SHA256
  
  9b5f068beb00095c86d21658cf4a8ca87a45810c0a79848a2390d85b3648d0c0
- SHA512
  
  1f6370d853561b4d7a525377c18543efb2e305238b5387c3d712ac4c51cfbf0c31d9652af499860a72dcaa6996e5f7cc9c85b3e73a208e5a7094e4c9de6d2250
Score

3^/10
behavioral7
- Target
  
  animalsimscript-main/Form1.resx
- Size
  
  5KB
- MD5
  
  4eb5913a0e5aa842250f7419538fa230
- SHA1
  
  31fb76e5d9babe97a11fea041081f96ce426107a
- SHA256
  
  4363cd7d5b8671c72442ce1a1bfc10d64ebd24b2d718b54bd4fcd025e4967298
- SHA512
  
  846207f9db4c05d2070482c27af72c50b8f423ac1c7efb5266b059f6a41362704e9f5a590e428f4aefd791edd2e21c1b34473361911cbeea2cfcaf741b5bebff
- SSDEEP
  
  96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT2+0qSdvabvDBwbjBu3FqvuFZ:KjrbLPD9sLvIzSvKgIqUyahFZ
Score

1^/10
behavioral8
- Target
  
  animalsimscript-main/Program.cs
- Size
  
  564B
- MD5
  
  a4101ec08156e423aa059bb29d3be82a
- SHA1
  
  f23943d8bc24d35c811f6a4880a0feb3c303e369
- SHA256
  
  030176437790d64cea0cd4743b94e0d2088244e1cf40ba804b1bf5972cee9fad
- SHA512
  
  739c237106823eb1c6830ee79a8b74d8bc023ef9975f2887080fed93d7a56fe0d2f27deefd7f8caa9a899cf715a809306b69cfc8dff8bf2606dffe047b5b0281
Score

3^/10
behavioral9
- Target
  
  animalsimscript-main/Properties/AssemblyInfo.cs
- Size
  
  1KB
- MD5
  
  00bde1cbca578ab44a23e626be3a7330
- SHA1
  
  8f9feb407ffd1f3d5255c1884bdd7546611bafae
- SHA256
  
  a7e29cf20f2c86e084a8721db591c80d994fe35d384cc9c4e5e6436c4f0c6e0c
- SHA512
  
  0c5f2cd421e2b17a9475fc251c0dabb04f45a72222e9850af589d2a7a31758b2c8a70169f26b036e58295cfe255d892fca90ac3c0e634f859b6b8c437b42eb23
Score

3^/10
behavioral10
- Target
  
  animalsimscript-main/Properties/Resources.Designer.cs
- Size
  
  2KB
- MD5
  
  22da0e83f946d662c7edbce5ae79f88e
- SHA1
  
  9139910d593144a87ed9f59b7970da9158396f16
- SHA256
  
  e2940ac6259ebf828dbb0e54c507de40ce57a99af271afe7788ce80111c7eafd
- SHA512
  
  10f034c6567cc32b998751b095e07fd0c7b8f81b23e8b03c8f88d27265b9659e70db517740a47324fb432c7db35bec8477022b1717462445d1300e511de9ce88
Score

1^/10
behavioral11
- Target
  
  animalsimscript-main/Properties/Resources.resx
- Size
  
  5KB
- MD5
  
  0cd8c971317d19bbed44757809bcb92b
- SHA1
  
  47b15748ecc8e952c5935170090db7c269ce4b4f
- SHA256
  
  66b5ebd1b0fc73f041ba669ce2184f6f471d5e3524efa34ca31233e9f5395262
- SHA512
  
  883dba84bf7daae3ea49f9d54c13dda4f125da82ba63f90eeba0900602896ad9492a0adf7b69b67d838034090af20926af5c2934797afaadb38aa069786c1fc6
- SSDEEP
  
  96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT200qSdvabvDIwQBugqvA:KjrbLPD9sLvIzSvKgIqUEa2
Score

1^/10
behavioral12
- Target
  
  animalsimscript-main/Properties/Settings.Designer.cs
- Size
  
  1KB
- MD5
  
  ce7abf863ac238327911c71359bc54cd
- SHA1
  
  a7714aa81859939538131c5c104900636a91906f
- SHA256
  
  7c093401990fb5c275c5ed33dfb077d6a1b31c5a8c015339faf05c474495c7ac
- SHA512
  
  dbc39c1b466e7cfbbd79be348227a5da9f0bc8d72cf23f77cd72540b62d9aa6823def3b506ded9d1c4ee2592fd6537328e4427bf8e82e7adae8eff667975bf07
Score

3^/10
behavioral13
- Target
  
  animalsimscript-main/Properties/Settings.settings
- Size
  
  249B
- MD5
  
  8c0f00d7d9b0046695a0255f1b11b061
- SHA1
  
  5e1d04de66ffcc5dfd813530ab6992e6daaae417
- SHA256
  
  f6a4290723520caddd934b8800319c7ca6cc7eeab647059ec89b7a13b1513265
- SHA512
  
  a95c07dc3241b7c9f37b7f0a5c143c9c133c3bcbfa16e4a689cf47f45b3e9d0ccf5c965143a6848237e7a9fa8deecb89837dc12b12fabd8231fe94f3ccba26aa
Score

3^/10
behavioral14
- Target
  
  animalsimscript-main/README.md
- Size
  
  198B
- MD5
  
  6a24f799eb76cecb34d85ea8f3024183
- SHA1
  
  7c552c31d7a2d37b8a46c5236b0bdd5f108294f7
- SHA256
  
  a09258adf176d0b252cb5ef93c348ee7adfb47f10be57ec4c2ff00da3fb8373c
- SHA512
  
  3310c723ea72d965981faf67454995ba45bc43ec3457a6605949d5cb887cf60bdd4c0e9daaa0db3a954ab139a29e8c6034606f5962a4c40ac4498c0b2030b661
Score

3^/10
behavioral15
- Target
  
  animalsimscript-main/bin/Debug/Executor.exe
- Size
  
  8KB
- MD5
  
  e629937720908ea90864b263a8258813
- SHA1
  
  b2864b438e335a89e4c92e257c014ac6fd01d9a8
- SHA256
  
  e355f70aba7f6907996275a43574c7f387e92f868bd3f52eac128c7104e9af41
- SHA512
  
  1c9d412c88dd13f943c6f266fd83779deceb1f4dff9e91f0f87bb3263d5c60991cdd5522b277e23e49ad69b9a48d0b8a9d435d1c5aacbb3a14f9ec4f1f08a99b
- SSDEEP
  
  96:PtgTbKCT3+agLY7mbjeSzqH9qV9z+4+36QCYBv2GCMR9pUfEUzl7OwBzNt:PtgXKCbdaul8V5ps6QJRCMR8fEcl7ND
Score

3^/10

discovery
behavioral16
- Target
  
  animalsimscript-main/bin/Debug/Executor.exe.config
- Size
  
  189B
- MD5
  
  9dbad5517b46f41dbb0d8780b20ab87e
- SHA1
  
  ef6aef0b1ea5d01b6e088a8bf2f429773c04ba5e
- SHA256
  
  47e5a0f101af4151d7f13d2d6bfa9b847d5b5e4a98d1f4674b7c015772746cdf
- SHA512
  
  43825f5c26c54e1fc5bffcce30caad1449a28c0c9a9432e9ce17d255f8bf6057c1a1002d9471e5b654ab1de08fb6eabf96302cdb3e0fb4b63ba0ff186e903be8
Score

3^/10
behavioral17
- Target
  
  animalsimscript-main/bin/Debug/Executor.pdb
- Size
  
  31KB
- MD5
  
  901055f05eceb9370d179ef26558f8c6
- SHA1
  
  cfa738c635e28db4306b1e7b6099861982a3736c
- SHA256
  
  9c795918058f3cff09678ca386d6f5e2611f091bb2070c4b00aa0c604888e097
- SHA512
  
  b381db7f67358f17d0be99e18e3aa70ec6ca1dd82e16f86a26c6130074ea38bb315525643f9f749f192cf23085517d05764bb0bd95a156e21db9450d578cd221
- SSDEEP
  
  384:PIrY7lrY9R23hc4rECbhW4cY7y7R2RxBc:PIrY7lrY9R2RIYOR2Rx
Score

3^/10
behavioral18
- Target
  
  animalsimscript-main/obj/Debug/DesignTimeResolveAssemblyReferences.cache
- Size
  
  139B
- MD5
  
  84acaf9dcdb330e0173efeeef159dc38
- SHA1
  
  c2331aded226502decb45747425d0d99b48892b6
- SHA256
  
  395504d171775ebdebda41bc771097fc18b3ed0911e68dd0bcbbb50beed33c4b
- SHA512
  
  61a8dd2eb7c3e178c5a8ef475951ddddd4038fc77eec15aa8e3382f3609f47e2238b3df604e710b6c0798b596a31885844921efc4d1d5723f90fdbb2da85db12
Score

3^/10
behavioral19
- Target
  
  animalsimscript-main/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
- Size
  
  2KB
- MD5
  
  2ad8f0aef48f73b47e73dbd51b9580ea
- SHA1
  
  b184d82fe88a12f8b26eb2670d62836c63150c0c
- SHA256
  
  e62974672a7dbe02833f361e417c794a8eb50acbc6184f34fadbf816d8e81e67
- SHA512
  
  73cd0e4520e3a75e80ad294dd703c73fd6bbba8389a467bd7047582ae2fb613f513c1308bb6f4ede467e58ace1a4fe15a5c0a936390e68b4a06cfbaf37a40f77
Score

3^/10
behavioral20
- Target
  
  animalsimscript-main/obj/Debug/Executor.Form1.resources
- Size
  
  180B
- MD5
  
  cd7dbc7abeda9893ce25793744443958
- SHA1
  
  dbbbbe2694d4b9b990881f279b4313574dbeac9b
- SHA256
  
  e13ed2c59366d0eea74863fd71a81f0cb977cce1edfde304fc538690a4f6ac89
- SHA512
  
  e880f131ff460384940248ab2ecd97189ae0b7169fe5246440dfbce32f295cbd7697ce2ee65b434a0e40be91b91c21b2c14b1f446b2b1650d0a5d94c0d4f37ef
Score

3^/10
behavioral21
- Target
  
  animalsimscript-main/obj/Debug/Executor.Properties.Resources.resources
- Size
  
  180B
- MD5
  
  cd7dbc7abeda9893ce25793744443958
- SHA1
  
  dbbbbe2694d4b9b990881f279b4313574dbeac9b
- SHA256
  
  e13ed2c59366d0eea74863fd71a81f0cb977cce1edfde304fc538690a4f6ac89
- SHA512
  
  e880f131ff460384940248ab2ecd97189ae0b7169fe5246440dfbce32f295cbd7697ce2ee65b434a0e40be91b91c21b2c14b1f446b2b1650d0a5d94c0d4f37ef
Score

3^/10
behavioral22
- Target
  
  animalsimscript-main/obj/Debug/Executor.csproj.AssemblyReference.cache
- Size
  
  5KB
- MD5
  
  aeb5a3689dda928e1a55b11fee2c55b1
- SHA1
  
  c8a17bc5eaf5bcc21c9c3102797446db5fe5245a
- SHA256
  
  e6a66600341b91a3b6f4d8486ce4bb4c6b4a35dee3763980631d3debb897fd0c
- SHA512
  
  39eb567bc339aae38163830a374e5783da25caceca3ef6fdd12acccb2a025eb6cb6c66444417c2883bdd3966993190a56d4f20869fce281ff36250c83996139b
- SSDEEP
  
  96:M9JHfJ5ixVoPcJniQJHKilVJCi4JKim9BJCiJKisDFJDiJQv7QxVaCizRoJViaoH:4h5QjniyCsBC51D2xfVxbarY5C655Dkr
Score

3^/10
behavioral23
- Target
  
  animalsimscript-main/obj/Debug/Executor.csproj.CoreCompileInputs.cache
- Size
  
  66B
- MD5
  
  d8e01869960b3c68cf944e7aa26203cb
- SHA1
  
  ddc0267d232de4eb1dc78aaebc5d7b55af6e752b
- SHA256
  
  d86cb2a4b194714e0d04d97326bc0dac18c6c3a4f88df82b498794f21354cecc
- SHA512
  
  424528b8ca2d0c3b488626accf8d0913f0672aa4d3db823e23bad702ad2b24ea362bea5753a2a3ed5771b91a3213c2861d23622c3cb6e2a9c3f8b42072204a09
Score

3^/10
behavioral24
- Target
  
  animalsimscript-main/obj/Debug/Executor.csproj.FileListAbsolute.txt
- Size
  
  736B
- MD5
  
  f7ad4822ea711dfb82d0b1c7be12924e
- SHA1
  
  8bdd75c6d434a5fe96f0777c5346c3601fa57e63
- SHA256
  
  525e8f53a4e1e6b244e922142dba2d4182926ecfb7458c72f96892530bdb6234
- SHA512
  
  2644ac0c8cf3cba572cd617ab68a2903be13165b71c684f6cf354443464ac649c015a7d89ad3cee779329d0bdcd5e1a35f77c7be3bdd9e94579a8898dc28215b
Score

1^/10
behavioral25
- Target
  
  animalsimscript-main/obj/Debug/Executor.csproj.GenerateResource.cache
- Size
  
  126B
- MD5
  
  84ccc63448a42310e96ab4aadbefc7a4
- SHA1
  
  59f35f75d12e583f62a510a287f2df38f0f64ed2
- SHA256
  
  0e341977a0cd49adfaa3cf446fbf0633390dded21ef3e67b9371de1cf25e66d9
- SHA512
  
  14f169e74564b4846a54e5473d11bbb1fb7105be0a933f2a6137e487ae87a8271b6959dd94248134c25f10b4065e36d276445f528888e47e1fc41950d1d06d90
Score

3^/10
behavioral26
- Target
  
  animalsimscript-main/obj/Debug/Executor.exe
- Size
  
  8KB
- MD5
  
  e629937720908ea90864b263a8258813
- SHA1
  
  b2864b438e335a89e4c92e257c014ac6fd01d9a8
- SHA256
  
  e355f70aba7f6907996275a43574c7f387e92f868bd3f52eac128c7104e9af41
- SHA512
  
  1c9d412c88dd13f943c6f266fd83779deceb1f4dff9e91f0f87bb3263d5c60991cdd5522b277e23e49ad69b9a48d0b8a9d435d1c5aacbb3a14f9ec4f1f08a99b
- SSDEEP
  
  96:PtgTbKCT3+agLY7mbjeSzqH9qV9z+4+36QCYBv2GCMR9pUfEUzl7OwBzNt:PtgXKCbdaul8V5ps6QJRCMR8fEcl7ND
Score

3^/10

discovery
behavioral27
- Target
  
  animalsimscript-main/obj/Debug/Executor.pdb
- Size
  
  31KB
- MD5
  
  901055f05eceb9370d179ef26558f8c6
- SHA1
  
  cfa738c635e28db4306b1e7b6099861982a3736c
- SHA256
  
  9c795918058f3cff09678ca386d6f5e2611f091bb2070c4b00aa0c604888e097
- SHA512
  
  b381db7f67358f17d0be99e18e3aa70ec6ca1dd82e16f86a26c6130074ea38bb315525643f9f749f192cf23085517d05764bb0bd95a156e21db9450d578cd221
- SSDEEP
  
  384:PIrY7lrY9R23hc4rECbhW4cY7y7R2RxBc:PIrY7lrY9R2RIYOR2Rx
Score

3^/10
behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Browser Information Discovery

T1217

Process Discovery

T1057

Query Registry

T1012

Software Discovery

T1518

Security Software Discovery

T1518.001

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Checks for any installed AV software in registry

Checks installed software on the system

Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28