Overview

overview

7

Static

static

7

KMSAuto Li...64.exe

windows7-x64

7

KMSAuto Li...64.exe

windows10-2004-x64

7

KMSAuto Li...to.exe

windows7-x64

7

KMSAuto Li...to.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c092d20b7fa190bc496ed2d5943705e2c33278eedf6c7fc06bfbb7c92cfa772d.zip.zip

  • Size

    9.3MB

  • MD5

    f5aaa05a14ece6ce494dd390634d00b2

  • SHA1

    e5bcab8bc4e0903ccac5c0dec1642371bb95d502

  • SHA256

    434a708fb26ac0e4e589ed62db01f9dd86383a31431b32fda294c271fe1f7fce

  • SHA512

    de146531cd109b529e5279f26bea1dd4eba1fe98c4cd68dd65867f4447f3f7b2f528d05ee2d1c59a4bcb8f337e1b1e962a440ef1711cce1cfbb2a72d76dc2cab

  • SSDEEP

    196608:siZEdVvmtzhtw1I039JTqL0TwR2dSaqmidw5q5ItIr6T/Y4A:sYEXv11I0NA0TQcxqmidGyIySq

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • c092d20b7fa190bc496ed2d5943705e2c33278eedf6c7fc06bfbb7c92cfa772d.zip.zip
    .zip

    Password: infected

  • c092d20b7fa190bc496ed2d5943705e2c33278eedf6c7fc06bfbb7c92cfa772d.zip
    .zip
  • KMSAuto Lite Portable v1.5.0/KMSAUTO X64.EXE
    .exe windows:4 windows x64


    Code Sign

    Headers

    Sections

  • out.upx
    .exe windows:4 windows x64


    Headers

    Sections

  • KMSAuto Lite Portable v1.5.0/KMSAuto.exe
    .exe windows:4 windows x86


    Code Sign

    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86


    Headers

    Sections

  • KMSAuto Lite Portable v1.5.0/KMSAutoLite.ini
  • KMSAuto Lite Portable v1.5.0/readme_bg.txt
  • KMSAuto Lite Portable v1.5.0/readme_cn.txt
  • KMSAuto Lite Portable v1.5.0/readme_en.txt
  • KMSAuto Lite Portable v1.5.0/readme_ru.txt