Overview

overview

8

Static

static

1

zKevsh.json

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zKevsh.json

  • Size

    653KB

  • Sample

    230612-ak8ktsac58

  • MD5

    ec0e5f629cfa22f2e9a6874fc3716148

  • SHA1

    9f47ac79adb322646a1bf35bdc8e7b7ba7d0033e

  • SHA256

    684f43a718891ebe286ccb3a0dc2291f64abb427a1b6cef671c21ab65cb004c9

  • SHA512

    f4ccdab1c4ce88c4195aa2aadae850c9c9cb4280b50ea066efabac25b0e175f0568cb0eec65d551f9bc057f576952a003abd727a1f28496f07167ddbe2f8ca30

  • SSDEEP

    768:JXAqPriCosITFwawhxxy+CBX3OuMGBfrGDvPhWd6DIlDIaPvITmKd:5UCo7FwaYxxy+mX3OuqnL5

Score
8/10
persistence

Malware Config

Targets

    • Target

      zKevsh.json

    • Size

      653KB

    • MD5

      ec0e5f629cfa22f2e9a6874fc3716148

    • SHA1

      9f47ac79adb322646a1bf35bdc8e7b7ba7d0033e

    • SHA256

      684f43a718891ebe286ccb3a0dc2291f64abb427a1b6cef671c21ab65cb004c9

    • SHA512

      f4ccdab1c4ce88c4195aa2aadae850c9c9cb4280b50ea066efabac25b0e175f0568cb0eec65d551f9bc057f576952a003abd727a1f28496f07167ddbe2f8ca30

    • SSDEEP

      768:JXAqPriCosITFwawhxxy+CBX3OuMGBfrGDvPhWd6DIlDIaPvITmKd:5UCo7FwaYxxy+mX3OuqnL5

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks