Overview

overview

7

Static

static

3

Kiwi X.rar

windows7-x64

3

Kiwi X.rar

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Mon...se.txt

windows7-x64

1

Kiwi X/Mon...se.txt

windows10-2004-x64

1

Kiwi X/Mon...nc.txt

windows7-x64

1

Kiwi X/Mon...nc.txt

windows10-2004-x64

1

Kiwi X/Mon...lf.txt

windows7-x64

1

Kiwi X/Mon...lf.txt

windows10-2004-x64

1

Kiwi X/Mon...ns.txt

windows7-x64

1

Kiwi X/Mon...ns.txt

windows10-2004-x64

1

Kiwi X/Mon...lv.txt

windows7-x64

1

Kiwi X/Mon...lv.txt

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...in.css

windows7-x64

3

Kiwi X/Mon...in.css

windows10-2004-x64

7

Kiwi X/Mon...te.svg

windows7-x64

1

Kiwi X/Mon...te.svg

windows10-2004-x64

1

Kiwi X/WRD...F.json

windows7-x64

3

Kiwi X/WRD...F.json

windows10-2004-x64

3

Kiwi X/bin/settings

windows7-x64

1

Kiwi X/bin/settings

windows10-2004-x64

1

Kiwi X/bin/ver.txt

windows7-x64

1

Kiwi X/bin/ver.txt

windows10-2004-x64

1

Kiwi X/bin...rs.txt

windows7-x64

1

Kiwi X/bin...rs.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    101s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    24-06-2023 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiwi X/Monaco/vs/editor/standalone/browser/quickOpen/symbol-sprite.svg

  • Size

    20KB

  • MD5

    649fb0a55b0e0fc9d79e6b7872a14c10

  • SHA1

    b33619c9dfd65d3f2e5a5fcb767a752123d51607

  • SHA256

    fcc3026b97068f3d9e1743d36ca26b96ffdbcd2841fa9d804caccc4f249911c8

  • SHA512

    3fb4b07e9313b69c84f887c9ca0464e4c8d06a98a8f2ad7d0b48452d068bd526004c21633d0279b4b5e17ad882acf8c7e99b4c3e7650be43b495b670a87d0cbd

  • SSDEEP

    384:cyPJZCcKWPJuCNoSmvcar1PNY6g2HdSjEc3/WD3:DCdCNkvcaQ6x9SjES/W7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Kiwi X\Monaco\vs\editor\standalone\browser\quickOpen\symbol-sprite.svg"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1384

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50ae99caea5553cf5348f3d68c63de31

    SHA1

    193000188a9224d6134d908f0743b5bf31986c59

    SHA256

    4f514658942daa93e3a637829da173fae4e382d1e5b58e4709abf6a3aea396b7

    SHA512

    b707d9b3ed59b760f533a8463727579d1a0c3d1dbae50762ce30d3993eefce523b5bf1d238045d2b9bd2f1d8f22a25a7c25511ecfd96be9e517e33bf27092274

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b3b203ecef65ba2066cbb8371171f77

    SHA1

    6205f5a7f57f9259a2cc20049a5d741f935daba9

    SHA256

    bc107f615590f1612cae4283f081ca0c088cd4e93eb4163ef651c42064359531

    SHA512

    4cd42b82de0d3d5d29ab37be1e37627e801e633d13e6024917818af04fee1fc610f8527db463addaaa4050a2601f2910e4a32702cb4ad4c43fd81cae935a7e7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38331ccb26fb8ee4a2031ed83405c6ba

    SHA1

    9c5de39017770151c33267483bf3e1fa44f47a90

    SHA256

    48c90423c71db90c13837d2f6e1d2b3b68625afaab81900fe17a11db88642bb3

    SHA512

    55fd86005a0e1c196335abfb44f3ffbd13d1dc5045c418577e1af892fe5dbaf6b883490172264bb0fcd8de6d98b8017134e7026248d98ad5fb76d364f1bf076e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    703b8787531c9704dea3870090fdd5e9

    SHA1

    370802ad063650a3dc24cad31333f04442f6dc30

    SHA256

    c275f34ed9f5ba9c765bace62e530424eb9cc7533bd5f1074b0efdaf5f6a2bb6

    SHA512

    27d1bb52283fae34d44b21f0811825387b3132e977a50a208a405be7b6eda9b22f09953322cfb46a9b65af29b171f9db9b123981c41105261fd932f0cbd1e3ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e94d76c2406208ea31d5269612db8548

    SHA1

    d515862071b2d551c91fef493cedca94e1498bb0

    SHA256

    955050fab8533915be979ee5996ef10e181b22fd7bf34569de2e32c0e6d94a36

    SHA512

    31743df874e500f84eab032c2eff5c82d1f430d906dacd8f736e854dc631d8a6501a7ebae184cfed51cefb7ac4402bc5acf47e45a53c33c5e1c485d2ba04c050

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa491e69049233f5b8cb1d610b168508

    SHA1

    11fe0adfee22eae8467c20f50aaa2a69625250be

    SHA256

    c92f19e413991871000c7c234bf2971af7d19f2622a253a631b36f8546f178fd

    SHA512

    80dd0fc6513e7f3d409a437415b3d31697a328dfc0be13a1b84581b334df31099d4cfa40f11efe719c2b2a43242548f770282826ef683537dd085229af96a24c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74f8c5768db2888ed1676907d717eb97

    SHA1

    141bf15d76e7604651fac1cc692a96211cc55ca0

    SHA256

    45db586fa3d97c7d56ca61edd406ee279e611da93258fcd155606458b36f48df

    SHA512

    bac1d69d5a2650485e4f1e75547b50440e6beaf98f0423abd6f4961b82f03b847dae1e124779a2d0eaad0c958ddbc5ee04ebf74e86cdd3224b5928eb830f7975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f4de83406b03edb285bc17644654c87

    SHA1

    1e047e6df6da2c73181febd9ca0264c4bf328cb5

    SHA256

    78cb023ff2e931d8f685c484b5910ec55ff68dc7ab59aa5471f9e28cc91587b1

    SHA512

    a7210dee445181eee8c49517a78f7fcb3a4310a00bc44432331b859ce81c8f95b8bb7b6c545635d5d20acefff6b46492696ffa83a0ca432d6c64c8542f95131d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39e83de3f7733682c3e3673170345431

    SHA1

    605f7ad06923f2a361e5e716dea758a00c149fd6

    SHA256

    ed0e04abd946b018a6670a5dee93835ec9eb952db345194ccdc3aded9cd02f24

    SHA512

    265337864aa6e49ffa218c0ff3ffecc300bf9922d8993fbb3e4f7f74b5b5ae344a2ea94a17d9c20bc952788cf86ec138977a664a2dec16886a9b097ce81e3944

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7c74059176cb1275e6f4327349f0b91

    SHA1

    735b806fffa9fa1a108b067a0058aa2e4d14712e

    SHA256

    c1a10b9114550c65f6e7f977218a4ddb27a45465e634d34ca5fcdc7a48c1fac6

    SHA512

    4ecd5c0eab82778f36e7235a589494ad4ec2ef259366b51203eb6f755f5b911a43aa5a02007f702d9e3297217cad954c2e62ca72509153c0ae0ffb1c719238d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M90WC9I6\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D21.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5FB4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Q7CF6YO6.txt
    Filesize

    606B

    MD5

    fd56fb69094f05cda34d9b525250559d

    SHA1

    125db5ea5b1932a0ced379c26d4421bd2f40b665

    SHA256

    b0bc45c9f030278fc20619e600abd912f55c8b7c616e1cbb38edb33e1e9d971b

    SHA512

    8d4f9e8416010bdf6fbe64e23564260451cd834cb67a6123fc26082c8caf00f33a2fdfb5cc5f048a782bf454388fed5725d6653dff1245bd717d8d91b6785942

    Download Submit