Resubmissions

  • 21-11-2024 16:39  241121-t5z9qsxrhj  score 10
  • 20-11-2024 17:39  241120-v79rma1ckp  score 10
  • 08-11-2024 04:15  241108-evbfasvhlm  score 7
  • 08-11-2024 02:54  241108-dd3b1ssqbw  score 7

General

  • Target: Animalia_Setup.exe
  • Size: 683.8MB
  • Sample: 241108-dd3b1ssqbw
  • MD5: d652c61668315117399986777c68c09b
  • SHA1: ffdbec785a4ad9b9ce41618ad233fc04b8e8ccc8
  • SHA256: e259f8e69085151805395fad4970f4e2b3920363b32a692bfd4eab6680c8d8e9
  • SHA512: 3745ec26d5acac91d62638392b167ccbb124080593dcb1ffdabef68460726397d200a3b439a8e63a2989a15e6b75f397ddc5366730958ecc213c6b84b622ad43
  • SSDEEP: 98304:6wRECL/6tcnGp2ml3Q51nALymL0wmLHhfKxButG2jqlWedjOfXlHJ0zCYJqvJj:mCecGp283y1YyS0JLHIJnnQXlH+zsB
  • Score: 7/10

Targets

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
    • Enumerates processes with tasklist
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
