Overview

overview

7

Static

static

3

Kiwi X.rar

windows7-x64

3

Kiwi X.rar

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Mon...se.txt

windows7-x64

1

Kiwi X/Mon...se.txt

windows10-2004-x64

1

Kiwi X/Mon...nc.txt

windows7-x64

1

Kiwi X/Mon...nc.txt

windows10-2004-x64

1

Kiwi X/Mon...lf.txt

windows7-x64

1

Kiwi X/Mon...lf.txt

windows10-2004-x64

1

Kiwi X/Mon...ns.txt

windows7-x64

1

Kiwi X/Mon...ns.txt

windows10-2004-x64

1

Kiwi X/Mon...lv.txt

windows7-x64

1

Kiwi X/Mon...lv.txt

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...in.css

windows7-x64

3

Kiwi X/Mon...in.css

windows10-2004-x64

7

Kiwi X/Mon...te.svg

windows7-x64

1

Kiwi X/Mon...te.svg

windows10-2004-x64

1

Kiwi X/WRD...F.json

windows7-x64

3

Kiwi X/WRD...F.json

windows10-2004-x64

3

Kiwi X/bin/settings

windows7-x64

1

Kiwi X/bin/settings

windows10-2004-x64

1

Kiwi X/bin/ver.txt

windows7-x64

1

Kiwi X/bin/ver.txt

windows10-2004-x64

1

Kiwi X/bin...rs.txt

windows7-x64

1

Kiwi X/bin...rs.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    24-06-2023 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiwi X/Monaco/vs/editor/contrib/suggest/media/String_16x.svg

  • Size

    4KB

  • MD5

    48e754cb54c78a85dcc9aaea9a27847e

  • SHA1

    8d79b23037deb6586e4954305dcb4caee14afbd2

  • SHA256

    d1aa361f33564e8f9d527a01a66c7ce35d73f23417432e80ddf51f562770ee79

  • SHA512

    f6d902b5c73b59636cb71d4019ff45cb77532bf22aab28a8314697e24a62163a94140c97495ad5ce421c09c26e4bcbfe5a815eae27e945c51ccd80c2ba9c3a77

  • SSDEEP

    48:CnN6wkEX+c9Vlt4AFCj93Z0hDC7hSBnukNyhDFtrJGuG2XvS+yZCahDC7hSBnhKm:zJWFCMcfkCFGE6+yZCacJImkArbbqrAm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Kiwi X\Monaco\vs\editor\contrib\suggest\media\String_16x.svg"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:568

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f61148c2fdf1a2aea93aee66933cae29

    SHA1

    d397f91c0faa6722f57d1d406552e4e72139351d

    SHA256

    70230e69079037d83ba2b795e7e511a8260159419892062071d089dad6810b7a

    SHA512

    8b8166eb2dfc8b212140b0b96f1c2fb7e02244c801185a4538f45c9dc53bbbc4008238ff4dc2ea17faf8f50e75ce428aec389e7617e8df9a8f34de0f0733fabf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ad02744c654cc0c1dc03ebdf56b3304

    SHA1

    e771ef42eda5066b88305f438a8d61f2981da84e

    SHA256

    c1731a81c5561b0d8fc90b5ecae82cd88ca7887b5c8d9a6a03f39517b34edeec

    SHA512

    1155d6fd1559c5df2646b74e5c1d024ba716521c7fd5756ef7ef716f8e75288217730bc151562b7c1daca3e39d65a7bc3f11b7bd790e228be87b9d8ee8e2dc04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d70b391e176b329ee1d565377958aa8

    SHA1

    3b1035cb5c887bb60828226b6e78e80d27fc5c26

    SHA256

    1c9a26e90a93b8eee357cc0f0daa5eddd80204c4dc49b30100db95112afbd38a

    SHA512

    bea04641fe06e14b19024391a9b2999a7e20ebe2980f98c5d1b12f56f05aeca6f652aeea88abda0d7cf16455b04351cbb47c6bd9a81e1e495ee5805f49ced512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69e3037be291ef653590ea2775a199e2

    SHA1

    427a261dceb6e4a0bc835546d64251e7da1f90c6

    SHA256

    17db92d17e94cd45970b97ab8cb3c2c81d8298536b11af99bf446aecf3386059

    SHA512

    4430870a3389fcddf9bb2fa9ee67bd02fb371308e40bc3f458a95f8d0f937168d50675d82db6960fc7abdbe29d34fc6a120bb4c83b3a4c31658a684210d34260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdbd51cd2df06caeeb42697c64bbf686

    SHA1

    9e0b5af5d089c064dbf390c0e5c21394e819ef5f

    SHA256

    4cacc879c8c922c5c6fabb406acb5408a90fb90df18699d872b9f4b6577e8993

    SHA512

    58d9a15fd9a5f05bfc95a29ae263378c11acf063f745c715a39c07a1ba0bb5dfa63207a9e1f140284af54a4c2f4de50604a6367b73ebc83f1c04ed0a6aaf3e0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    986e1bf381fa11872b5638ce8a124ad5

    SHA1

    f2c1fd8581c1286b976ca88f0a56a056be51f91c

    SHA256

    fbdd2fb4a4f4f1393ed20415c948b1e2e42acd19c6d62963c921e63edc40fcb6

    SHA512

    5364abbf30face6c346090b415724815b30458b69da90c2258a161c56fffe919990953fec0da1ffdda38351f453d6879ee2bb12e708c2948a47c0d9fec807d5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fa29dec387c862d850561f8400ef5d1

    SHA1

    f8c62ae060226d8670f0b5e3ca1f45ba6f48d6f7

    SHA256

    ecdce18a142bc9d7925171b4d33292ff0e794c6e817bb40d4b7e2e0f135acbf5

    SHA512

    b34afc252be85e75c8e7eae235d52aa070f576eefbd22acfb6c6e7770af0fa00e610053355dab71bd18dbe477e23133c3ec8cefc10d3c4572d1973f7b7e3ddd6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQLKSAYN\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7B98.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7C19.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\6ZZTQVK8.txt
    Filesize

    598B

    MD5

    fdf9727b447cdcab28167e16dc268cc9

    SHA1

    12dc537b3049ded29be1518e147179509e972d96

    SHA256

    6a0eca4af8495cb9264c3b2013099926fdc2e4a9f7c5d742a2d974306eea23e9

    SHA512

    38dea5435cbabb132e0cbbf5dc78984c172a61e47961e8a2b566a7ff2e09f5506100dbb63435b0f443354b20f9c60591e48c9ed1d3accc5ca259a282fc0d921f

    Download Submit