4999ddfa8add7326b2715fca4d2a169fe1160e00349cac2a38c53754ac639794

Sharing

Copy URL

Twitter E-mail

General

Target

67ac4a10e0482a10ff33721db60d65cd6caab74bec68509e527b43fa09bf0970.zip.zip
Size

54.6MB
Sample

231107-rc6jyahf39
MD5

869eb47a60bde141aad530e97d4026eb
SHA1

eb05319713add5978039047628921d705e9df2cd
SHA256

4999ddfa8add7326b2715fca4d2a169fe1160e00349cac2a38c53754ac639794
SHA512

b1abc752350347d2abd951fd3d1f3e7c59a4dbd57a5806ec2641f9f769a0d79854d0dc16509ce84a8762e94137f171c1e6e65b5947d401c4b0b7fd5c45fd3f01
SSDEEP

1572864:v7WrpDP49RTh1hgl8XlnFcifuGhn/lNyft:v2pDW1h5X9FmGxlNst

Score

3^/10

Malware Config

Targets

- Target
  
  ConfigKelmis.exe
- Size
  
  309KB
- MD5
  
  4c691f486204cfcafd4e74fdcae91f46
- SHA1
  
  e060aa122fa08c31a09ee9c128f054528c512811
- SHA256
  
  a8d60ecc106d87a5b4548b7ad74e883744bd1ea67c8ebe320a8891239227e291
- SHA512
  
  e9cce1fb9c0767a1fd034bcd999c9b5f85ef521f2abc53f877b33cd274984dab9e9089125c3dbfdcb769cf14dd89a37697d7010c7b4b897f7e3496866d9aa41f
- SSDEEP
  
  6144:KCBxmGX36RT1nQgCyZNBrKmdkF/JUdbfZWgT0PR8IxrnBCUXtX:txmG0dLfIT54Q8ItR
Score

1^/10
behavioral1 behavioral2
- Target
  
  Kelmis.exe
- Size
  
  638KB
- MD5
  
  d2d745b3210a17d3d50518e2c957a92d
- SHA1
  
  07b66db19739e0673337db1b2c9edd2d78183e5e
- SHA256
  
  133cc7cb530ff443b9299c2ece88b29ccdb79e8c00e66c063a344692eb00299a
- SHA512
  
  00bd5b86ce5503557f768c5f900820f35e7cf780be46503c2e6a3a82b522781fe435d62842484e9905b9c3dac381725701e7f4bd218481a60b666f3b4dc8209b
- SSDEEP
  
  1536:yC79gXAX271lcBzqEY2lkCswVxYDXosWkd09dlTaUGX5unVvX+9BRghXa9GGGGGl:XgXpJozm2lkCsuYDbMtZfVW9nWa29
Score

1^/10
behavioral3 behavioral4
- Target
  
  Kelmis_Data/Managed/Accessibility.dll
- Size
  
  12KB
- MD5
  
  63c434b864ff270ce9fef43917dc8621
- SHA1
  
  bd0a92569b2a14f52bea0dc52fae7238332c3b8c
- SHA256
  
  c36813bdf03fbad922e6558756c3cc2956e6f74457003947fa4e91952445e19f
- SHA512
  
  0770253b619a3f5b8154aaceb924e7c97fabcbc33a84db636662c3f8d24ac0967ba479745df6cc0e0b8e38483d2c93164540eb55ae3add512675360e88b125d3
- SSDEEP
  
  192:b1n3RPr/jgUiix4ix4eJFBRbl9KYYoK3ESmMadMpCNSeFU:h3p/jgOvRbli3ESmMadM4NhU
Score

1^/10
behavioral5 behavioral6
- Target
  
  Kelmis_Data/Managed/Assembly-CSharp.dll
- Size
  
  1.0MB
- MD5
  
  7b406f1ae72afbc956620d84d4b337d4
- SHA1
  
  ea4bb6129dfe3067ee5ce3261d08da15b8dbea19
- SHA256
  
  e4628c3cd49bb70756e2e6bf861fee7571b182fa7aeb5a5cd0f5d002c0f0772d
- SHA512
  
  fa8aeeeb4666bd0d8a6e296df2b4b75c31847d50bc14bff38059c55dc32bbd3c329d2c969defbe73a38a8e6b8d69035200cb6f2b86b477a37b0330c68303b7d9
- SSDEEP
  
  12288:UikPSvNdn5XQWK77D2Sk4DpBkDsbQVcOUPdqHewtZC9sXbcWloPRoQm5Q0WQ46:T7n9QWK7S6pTQVjUzy/2xm+rQB
Score

1^/10
behavioral7 behavioral8
- Target
  
  Kelmis_Data/Managed/Coffee.SoftMaskForUGUI.dll
- Size
  
  16KB
- MD5
  
  3f8d45e38e3a3c8c0f262c1cdd9d4fe9
- SHA1
  
  ef8209c9fed0c95076435008199e545655745ac8
- SHA256
  
  f8d653383266d500a9490e0a336b43a6259d096a9f27fa8701b15c8d51783842
- SHA512
  
  c39ba48cc5b199faf163fa52155226d50790b25e8eee3e63488d906953edb88c016d1685a45ea0926a72c43093e9178944cba63056ace293f28364a5c40f767e
- SSDEEP
  
  192:uhB8SaQwuUrMaGBjkpj1LZaTN73IP5ecB0pnM2fWn4nEHfUCKWwCGBfXrjJLy1+w:WBzwuUwaM2KJTcuRhVfXrjJU+w
Score

1^/10
behavioral10 behavioral9
- Target
  
  Kelmis_Data/Managed/ICSharpCode.SharpZipLib.dll
- Size
  
  194KB
- MD5
  
  cc547565785085d77197950305ff88d6
- SHA1
  
  e2d92d4139ff587c9ae02ef00e0579da0a9c896a
- SHA256
  
  2c32b22249ca820844cb40305e6353e8ca2f52737e5f5ee13f6bb8b36ade7263
- SHA512
  
  c096df120453193d633e800cfbd86049327308f98ff05a042232048f2f9ff7f6143b7d7166214d030c030ae01652e673a6ecba0a1623814739dd9181e7aebfea
- SSDEEP
  
  3072:pO7jZcX98fL59/6Gt2W0hiO/pNgfilq8Cym0RjISIu2IQRI61E4hcF60DwKkBhfn:pD9WL6GtP8/pNx48CCISIpER
Score

1^/10
behavioral11 behavioral12
- Target
  
  Kelmis_Data/Managed/Mono.Data.Sqlite.dll
- Size
  
  163KB
- MD5
  
  c3f45469e392a105cffe6ce007a54a61
- SHA1
  
  bf0edef3a0cb5fc35920497a108600d5625b869a
- SHA256
  
  5cfd7d5e444ec8d53755d4d82220524aa455f34b87a6f740b984d50465d76d4b
- SHA512
  
  d2fff88539fe6999ea428416cc153500f9ba5c2d130888853bec3568b1599b60d84da40fc3b7f08d4bde439c2d2500c720084064f92277a2ef16840a7cb83ff9
- SSDEEP
  
  3072:9b4Gh78nIXk4uuIgZUHfdNQFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbz:9b5qI04uuIg+H7QFNFGFOFwcGF6cmFWt
Score

1^/10
behavioral13 behavioral14
- Target
  
  Kelmis_Data/Managed/Mono.Posix.dll
- Size
  
  207KB
- MD5
  
  72c9ea78101c493635c0f763d1795d7a
- SHA1
  
  c04e331b6415bf566e1aa26550bf794651704c7c
- SHA256
  
  a33abceffeaa6b6d5dbd2cf77210daddfe331ed40eeae4cea3c5efb0c0db2cc0
- SHA512
  
  4dcc9495000f0cb0d93381a466f8d0553c2f9ef9521ac71979371b5eded37a25224a861ccc101a24b0b2741d30efb71d81d03fa00ca476bf8339c1786d9c46f2
- SSDEEP
  
  6144:9c9wE0Q11JQ1S+OWMYU7nUXxOwblnsAPe+Eg:9c9wE0Q11JQE+kY1SA1
Score

1^/10
behavioral15 behavioral16
- Target
  
  Kelmis_Data/Managed/Mono.Security.dll
- Size
  
  302KB
- MD5
  
  d1b792d07b0e08ef190eb6ef5361e6f3
- SHA1
  
  36890188d80598132d63561ded707e641282f2a1
- SHA256
  
  2b7651b398dc63af0dbc0038758981c29238a495681a7ed487357a464ad4de15
- SHA512
  
  1229d49068401a078b81ee398524327ccdebcd2fb6134c980d643b76f075244f2670d0773aa35027aa8b8d40ad6c29f16a223b142f3a6595c3641c32c8c31215
- SSDEEP
  
  6144:+JvWNTGENjTzSQfGFzPTzcyaksosrNn95tq:fmFz9mN
Score

1^/10
behavioral17 behavioral18
- Target
  
  Kelmis_Data/Managed/Mono.WebBrowser.dll
- Size
  
  163KB
- MD5
  
  ac6215e0a18a783958a39f6fd8e74057
- SHA1
  
  ac7cbaec3869728b236634691c356512af308054
- SHA256
  
  7d2eb49a5120d9b1f3eb3c6501d4eed6cacf81f921fbf5c248aab5f0d093f2ee
- SHA512
  
  36eee8f732e6e5c4664dcf77f5d1dc03ded650720624de532cbbd4fe2214accbb2a08365ae2cfc8640e30f8ae1aa81532f867ad303c2798fc5288f6393a78e88
- SSDEEP
  
  3072:ot5akP49r7Mt5as0yAg2TMqEHbbqRJz7FW0g:IP40fAMW3
Score

1^/10
behavioral19 behavioral20
- Target
  
  Kelmis_Data/Managed/Newtonsoft.Json.dll
- Size
  
  667KB
- MD5
  
  d46892cc58663531b78625cf74acb439
- SHA1
  
  d4245bd8ea576c4250950b337d5d1047c12c703a
- SHA256
  
  759accaa5fb7bddb54a2ceab92a3d8ab50750333ec73b62605aea6165d1ca6dd
- SHA512
  
  fa204ab353a5f9a1885a5fedd5df48db6e37894ed93e994f92fdd273d06e58523c39d9fdfc31a55fbd02a9b023fd9a0105fc871b9ae518430e71b0a9af13f284
- SSDEEP
  
  12288:+m76XVrdlC5KK/BGoG1wQvOFTQ2VS8N9XBBjsgV:+m7w/AAoG81gMXBBjsgV
Score

1^/10
behavioral21 behavioral22
- Target
  
  Kelmis_Data/Managed/Novell.Directory.Ldap.dll
- Size
  
  241KB
- MD5
  
  83bdaee702eb61a6515a40b40903de7b
- SHA1
  
  0ee79fd4b02cc52729462f18f9d2c321a7e7bd65
- SHA256
  
  c1f304fdfd658594fc353dc6cfb5593cef32c0623fbfb6f26acc5e0d40877552
- SHA512
  
  6a965b9e01d2012c6b7304a7cba226a42a62a5cd7fd8b6d7b07d8fdb16dfacf0172989fed050eb0206d6cbb6b8c9136442ae4f847c99b49fbd0f6339c764282d
- SSDEEP
  
  3072:l6OgMuqCdVTxVHHK4ZXSCI8W5pzZGJt1qF0qpk7tI9/93H9w/JXWp6b226vyyv+f:l6tnd5nIpzZG1qF0qNGJGX2IRvkbT
Score

1^/10
behavioral23 behavioral24
- Target
  
  Kelmis_Data/Managed/System.ComponentModel.Composition.dll
- Size
  
  250KB
- MD5
  
  a286ba1c012b3f0e0015f2206d7c4345
- SHA1
  
  9cfbf75ad321a8670ebf9ae4415c9e24436ffb05
- SHA256
  
  9bdc792fab55d5820bc9157258c322e447b103e4078dbcb3849ffe0a17e54f17
- SHA512
  
  2d6ba24e8e85acd949fc50067bec3397cc7964d419ac4ccfa410a9fdcdfd4afe878e8baef6d5a64288f8d232186d6d51a70653a2074f238ab5ddb05b8e8c93f4
- SSDEEP
  
  3072:1yNoMHX71VOFhbrHtfPe7Ex/EGgDX/sogRGTQRVlHHQVpjtCMa2+KF:eZ3JybrFWZgRsIy3tCMaa
Score

1^/10
behavioral25 behavioral26
- Target
  
  Kelmis_Data/Managed/System.ComponentModel.DataAnnotations.dll
- Size
  
  82KB
- MD5
  
  b34188fa0a45b438f5cef1362e85147c
- SHA1
  
  1a4fa7ec667969e2d6177e42952b03536b6bb0c1
- SHA256
  
  4b2b8f7b2eebff970ef247ec94d271d6664514dee62a0a97f03b03dbe589f357
- SHA512
  
  12c40a7e1c61f33e8c8610c35a5a8c74e739ecd8458f0e6403508d5dea69956904d299718889036daf71fecf5d01236b0dc04dbc0206acd49b4c1e6dcc1e9e84
- SSDEEP
  
  1536:CoZEzJ7HR3HMNI1nL5WZpNT6n3Ur/UlcjUK6NBTgV:CTxXbLkZpNT6n3UglcjUK6NBTgV
Score

1^/10
behavioral27 behavioral28
- Target
  
  Kelmis_Data/Managed/System.Configuration.dll
- Size
  
  122KB
- MD5
  
  d0a550f30b09ac8e5f49ad6d7daab4c4
- SHA1
  
  d502b45d880866d8608a5795033390ffde6df6a1
- SHA256
  
  cd5793957604e1448443da0d703f29a31100d4a7030c140121c7ddf6b2027d94
- SHA512
  
  e24f1d15a5017ac034a52bb8e3466912199b45d75f0d3e4b03d3ed604bdf67f1109a75660ed22c1219973c5c6b3f33692777112fbdf14b5597ef967ecea395da
- SSDEEP
  
  3072:JH3xt3GrHyTALVXzA4k8y3Kpn5WJzL0MIeZH4+:JH3DcSTSVDMJM
Score

1^/10
behavioral29 behavioral30
- Target
  
  Kelmis_Data/Managed/System.Core.dll
- Size
  
  1021KB
- MD5
  
  ee54cdd0260259a087442949da49f50a
- SHA1
  
  49aafc2caeb908ccc8f8598414a317cc2cebf9c2
- SHA256
  
  d982f54622edc2ed4637fe547b70907f589a2ae4de4b6d604c54ee35f97dca03
- SHA512
  
  09af08ef2c72dea7ccf440e168a684e35bca1eba96d6276e8a3855be270ee8c91b92869b415622679f6dea95c29b096001b756d1ca7c58dff98a3b666a9e56d4
- SSDEEP
  
  12288:GDQR1+Dy+BcB5Qud7DfVsL9KVI36owJKbYvB54wkHXdt:bn+BE5jVsEWIWYvB5
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32