Overview

overview

7

Static

static

3

Kiwi X.rar

windows7-x64

3

Kiwi X.rar

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Kiw...config

windows7-x64

3

Kiwi X/Kiw...config

windows10-2004-x64

3

Kiwi X/Mon...se.txt

windows7-x64

1

Kiwi X/Mon...se.txt

windows10-2004-x64

1

Kiwi X/Mon...nc.txt

windows7-x64

1

Kiwi X/Mon...nc.txt

windows10-2004-x64

1

Kiwi X/Mon...lf.txt

windows7-x64

1

Kiwi X/Mon...lf.txt

windows10-2004-x64

1

Kiwi X/Mon...ns.txt

windows7-x64

1

Kiwi X/Mon...ns.txt

windows10-2004-x64

1

Kiwi X/Mon...lv.txt

windows7-x64

1

Kiwi X/Mon...lv.txt

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...6x.svg

windows7-x64

1

Kiwi X/Mon...6x.svg

windows10-2004-x64

1

Kiwi X/Mon...in.css

windows7-x64

3

Kiwi X/Mon...in.css

windows10-2004-x64

7

Kiwi X/Mon...te.svg

windows7-x64

1

Kiwi X/Mon...te.svg

windows10-2004-x64

1

Kiwi X/WRD...F.json

windows7-x64

3

Kiwi X/WRD...F.json

windows10-2004-x64

3

Kiwi X/bin/settings

windows7-x64

1

Kiwi X/bin/settings

windows10-2004-x64

1

Kiwi X/bin/ver.txt

windows7-x64

1

Kiwi X/bin/ver.txt

windows10-2004-x64

1

Kiwi X/bin...rs.txt

windows7-x64

1

Kiwi X/bin...rs.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    175s
  • max time network
    180s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    01-11-2023 20:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiwi X/Monaco/vs/editor/contrib/suggest/media/String_16x.svg

  • Size

    4KB

  • MD5

    48e754cb54c78a85dcc9aaea9a27847e

  • SHA1

    8d79b23037deb6586e4954305dcb4caee14afbd2

  • SHA256

    d1aa361f33564e8f9d527a01a66c7ce35d73f23417432e80ddf51f562770ee79

  • SHA512

    f6d902b5c73b59636cb71d4019ff45cb77532bf22aab28a8314697e24a62163a94140c97495ad5ce421c09c26e4bcbfe5a815eae27e945c51ccd80c2ba9c3a77

  • SSDEEP

    48:CnN6wkEX+c9Vlt4AFCj93Z0hDC7hSBnukNyhDFtrJGuG2XvS+yZCahDC7hSBnhKm:zJWFCMcfkCFGE6+yZCacJImkArbbqrAm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Kiwi X\Monaco\vs\editor\contrib\suggest\media\String_16x.svg"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fe9895a3f5e0901048e3917acb7fc31

    SHA1

    da8ea33d3b9294942d385211b87b9711ae17160d

    SHA256

    b39b649ebcc666def51edc3fa9a00866e177b7fb6a0f76bc1235868fb98ef027

    SHA512

    2ab7b00f9109f6344624ef0b03fae47881e1a37f9ea008848be2ff520a40a67bed7a48bf4d6b16d413f897568e8d9338f67347359d055fa3da7f61d635a19907

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95082553f36ca9d699c6dbc1e987f53f

    SHA1

    3ad0c565babaf799778f84fcd2db4a2d95da771e

    SHA256

    a3308ca03e98f783590b8df34f625a1a240afa6505831c92fdc021e7ce675d1c

    SHA512

    52034b745530ef2038d2e007c996cdcc0cbabb50cba86fba8045b89e1b8db5c6ed43caeda1fac8c87ca210b30a29e8adea8bb78f4699df1184c23e021daded43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94f2714ca4182479c4b3bebb5c66099f

    SHA1

    e9f6891551de302ff66a80a98c1929faf165a7f2

    SHA256

    1e49a9481018d83da6da5f620ccf4a03d68d58eb7b15032c502b53219bfcf8b4

    SHA512

    890f23b3725b5f0ece05ed69ec6efb9edd30cfa81947ed5d34a81fe676b28368de52fe33398503147a8e1753a3983274195d5816c633313f62af3e008710325e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90830537f2aae2f82b699d72e475e18b

    SHA1

    143a608848b8bc03f019ba9d0d8b9e9beec1cfd3

    SHA256

    e153487774f22c00b70c6dad05649e16894076e358ec185345041137361ccee3

    SHA512

    97ecb2018af1a7fe46bac8de49539fe65e34c65515f55f8f37386f4038d1432b21ee9095a615cd55a0ba2ec8a4b26360d50222446dfed52c260d9a44d7cc7203

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a94efb4f24c26ffaabed017775024b72

    SHA1

    e454cab0385265040ed66ef032aecccf0e993594

    SHA256

    37a41b0e2a88c4d649eaa0f0bdfb5789095eff912cb48ec2aa8ba4a0e05823f6

    SHA512

    94c7cbc9b47b371ca7502f53eef1eb7dc1dd1561b04494fe0e6a0463bbe8b825c6733b532d3eb0ef1ae8a5fc330e6793104004bdaee155ca92715658ccd4c966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2d0fcef5435022e5bb68a23e1fd9149

    SHA1

    3e36a3deabf4caa723bfe20e253ec405c496ab78

    SHA256

    3bc8ea42a0b8f43f970ebdbeb37484a79153bc85bce3b917158d4e654056d1ba

    SHA512

    ed8bb5d07e33c9909b4a07a60e1a01a61f446fbc66da9727432b47bff357f8419cb8f4741accd391f864734fa39e9bf12661f2c8f901f09c8a7981903ca244a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb25d5d9acc316cbe81337f86d3b1edb

    SHA1

    177f458072c048396d97fb9b2954771e7eff644b

    SHA256

    df61e1a3d9c2ae04baa71933342adf0adf16a76d4530e4ab3187eb8b2590b923

    SHA512

    b45bb5ad716e97ff31a3f3be6d6059fe85f028419fb17bb785da1594318acd0ccdd06027a2237c310230176856563bb42bfa27e99b8a6c4e6406f4e4a7154efa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d42af2f0444fa0fd30fef31fcb4d946

    SHA1

    75b6aa41e5562a75288d36cf95a2f187620415f9

    SHA256

    d6018f22b87643099b57ec5a02e05238011044464e5a6e980bf5c57b4c59d3ea

    SHA512

    d9e34a3c3fa0167c63a9d049ecf08fd8126c2d86e25c5ef53cde31865fff5104bbfe09978d8cf066a6dbf62bd5945c21c09472bf74a0655c0827b97610557625

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7AAF.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7AE1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit