Overview

overview

8

Static

static

KMSpico 9.3.3.exe

windows7-x64

8

KMSpico 9.3.3.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    KMSpico 9.3.3.exe

  • Size

    2.8MB

  • Sample

    221231-hg74wsce6w

  • MD5

    4e4387bc87f70a3587b52dc0f32483f6

  • SHA1

    1ee3cd79a1e9917b126a936cd67083988097c4df

  • SHA256

    7beb554ce8916f16bea469f9f335d3fb673f1a21beecc8f346678afb291b36a6

  • SHA512

    f691a87b05688932e763c26c54b00220fdc8dd182fc494828d500e5c5286590d5005a400ac0247cc88d79db323779c86115ca518c478c26cd6a53f6c7d94ab2e

  • SSDEEP

    49152:k9ywS32SyGX4w/ouaHsXej6e1VGo2Hwts4/HEGucpPUcuzWq:uA9yGX4wwrU21E1BwEc6cuzWq

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      KMSpico 9.3.3.exe

    • Size

      2.8MB

    • MD5

      4e4387bc87f70a3587b52dc0f32483f6

    • SHA1

      1ee3cd79a1e9917b126a936cd67083988097c4df

    • SHA256

      7beb554ce8916f16bea469f9f335d3fb673f1a21beecc8f346678afb291b36a6

    • SHA512

      f691a87b05688932e763c26c54b00220fdc8dd182fc494828d500e5c5286590d5005a400ac0247cc88d79db323779c86115ca518c478c26cd6a53f6c7d94ab2e

    • SSDEEP

      49152:k9ywS32SyGX4w/ouaHsXej6e1VGo2Hwts4/HEGucpPUcuzWq:uA9yGX4wwrU21E1BwEc6cuzWq

    Score
    8/10
    discoverypersistenceupx

    • Creates new service(s)

      persistence

    • Executes dropped EXE

    • Sets file execution options in registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks