Overview

overview

4

Static

static

3

KMSAutoS/K...et.exe

windows7-x64

1

KMSAutoS/K...et.exe

windows10-2004-x64

1

KMSAutoS/b...SS.exe

windows7-x64

1

KMSAutoS/b...SS.exe

windows10-2004-x64

1

KMSAutoS/b...or.exe

windows7-x64

1

KMSAutoS/b...or.exe

windows10-2004-x64

1

KMSAutoS/b...r2.exe

windows7-x64

1

KMSAutoS/b...r2.exe

windows10-2004-x64

1

KMSAutoS/b...on.exe

windows7-x64

1

KMSAutoS/b...on.exe

windows10-2004-x64

1

KMSAutoS/b...01.sys

windows7-x64

1

KMSAutoS/b...01.sys

windows10-2004-x64

1

KMSAutoS/b...on.exe

windows7-x64

1

KMSAutoS/b...on.exe

windows10-2004-x64

1

KMSAutoS/b...as.sys

windows7-x64

1

KMSAutoS/b...as.sys

windows10-2004-x64

1

KMSAutoS/b...nt.exe

windows7-x64

4

KMSAutoS/b...nt.exe

windows10-2004-x64

4

KMSAutoS/b...09.dll

windows7-x64

1

KMSAutoS/b...09.dll

windows10-2004-x64

1

KMSAutoS/b...rt.dll

windows7-x64

1

KMSAutoS/b...rt.dll

windows10-2004-x64

1

KMSAutoS/b...rt.sys

windows7-x64

1

KMSAutoS/b...rt.sys

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b70d9e75d0f84a409ce81d85debf74f

  • Size

    3.5MB

  • MD5

    3b70d9e75d0f84a409ce81d85debf74f

  • SHA1

    86a7b93ce110fa270994008c8329296498236f16

  • SHA256

    49505cc1070fdabbfd210ab7ff89887d15e429191d69d80bd40c8181b530db23

  • SHA512

    13231c47e5cb6ffe7453f5b09e0398697990ba3f10132450958828b92658746722855af3891ac6580d26710124f85e6d7ae11ee6499e7fc1f87fc4a6baa4cec3

  • SSDEEP

    98304:6BTlIXlY9qxe0W3u6WYdjvulghnHF8LywMPR:+i1YUx0dpKlgZmLyRZ

Score
3/10

Malware Config

Signatures

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 3b70d9e75d0f84a409ce81d85debf74f
    .rar
  • KMSAutoS/KMSAuto Net.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KMSAutoS/bin/KMSSS.exe
    .exe windows:5 windows x86 arch:x86

    d09a14e1fb5c5aa5a973010186c50390


    Code Sign

    Headers

    Imports

    Sections

  • KMSAutoS/bin/KMSSS.log
  • KMSAutoS/bin/TunMirror.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • KMSAutoS/bin/TunMirror2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/oas_sert.cer
  • KMSAutoS/bin/driver/x64TAP1/OemVista.inf
  • KMSAutoS/bin/driver/x64TAP1/devcon.exe
    .exe windows:6 windows x64 arch:x64

    ce4a5cfcfb0452b87e013f07f4d59f9c


    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/x64TAP1/tap0901.cat
  • KMSAutoS/bin/driver/x64TAP1/tap0901.sys
    .sys windows:6 windows x64 arch:x64

    a13cebc938af36dab20cc614c6fb7e94


    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/x64TAP2/devcon.exe
    .exe windows:6 windows x64 arch:x64

    da57f1f45971374acef79d6f22a034f3


    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/x64TAP2/tapoas.cat
  • KMSAutoS/bin/driver/x64TAP2/tapoas.inf
  • KMSAutoS/bin/driver/x64TAP2/tapoas.sys
    .sys windows:6 windows x64 arch:x64

    741e65dbed0bdb03af558a33e0336da1


    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/x64WDV/FakeClient.exe
    .exe windows:5 windows x64 arch:x64

    06692ba7dbda0cb798b2759374ed7c13


    Code Sign

    Headers

    Imports

    Sections

  • KMSAutoS/bin/driver/x64WDV/WdfCoInstaller01009.dll
    .dll windows:6 windows x64 arch:x64

    70497fec79daa5f71de3b34faee686a5


    Headers

    Imports

    Exports

    Sections

  • KMSAutoS/bin/driver/x64WDV/WinDivert.dll
    .dll windows:6 windows x64 arch:x64

    197ee4904d9801b77ec045e9cde16b94


    Headers

    Imports

    Exports

    Sections

  • KMSAutoS/bin/driver/x64WDV/WinDivert.inf
  • KMSAutoS/bin/driver/x64WDV/WinDivert.sys
    .sys windows:6 windows x64 arch:x64

    46dd919c77f3a6f6591118c2188d211b


    Code Sign

    Headers

    Imports

    Sections

  • KMSAutoS/kmsauto.ini