8d2f58bea6bf281dfc0b374a0b02a9de5c9e7c5e4a15f4ab77d6820cb7403b78

Analysis

max time kernel
118s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/02/2024, 12:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

KontaktPortable_v780.exe
Size

530.6MB
MD5

f4a0ef3ce7be90e6567aedbffcf9bb24
SHA1

b403c66c335c2cb21f90ff4e1847a4a0f722846b
SHA256

8d2f58bea6bf281dfc0b374a0b02a9de5c9e7c5e4a15f4ab77d6820cb7403b78
SHA512

afc23468573677c1b7646c0eddc3bac0cb792c8a17283e67736824893531a6c39f9229d7155a85e9d2b65b1614015b88ebb970ab148f934c319e1f334ccfecc7
SSDEEP

12582912:JK3S/JP3xGhxckvJ2GpszqujAyvyijqWbdNJwDbAFt1o81CBd5neU:oClxGn4GpKjFqijlw2fABn

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Internet Explorer\Main	KontaktPortable_v780.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2600	KontaktPortable_v780.exe
2600	KontaktPortable_v780.exe

C:\Users\Admin\AppData\Local\Temp\KontaktPortable_v780.exe
"C:\Users\Admin\AppData\Local\Temp\KontaktPortable_v780.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Kontakt 7\PAResources\image\Abbey Road 60s Drums\MST_artwork.png

Filesize
21KB

MD5
efc18c9f56cad46bb9e99c40c22abb70

SHA1
f7478c87694a0afe6f9a586f205259ef7fa49825

SHA256
a247d4669250f3157619f65742616bce9a6e7904fbbf5f7c69a5940edd972ec6

SHA512
2c0aac274b457b489a25c34202262f170ce3ab04e83b894463cbfb0665e9f14c88f7e9d146a44161e98d364e7fbdcb304ed7cd5196124cd3b1a916c995d290ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\PAResources\image\Abbey Road 60s Drums\VB_artwork.png

Filesize
11KB

MD5
e61da5da5d0ff49ca92b5252f08407d0

SHA1
fdd28beadcb169a50d8f0e93a481c4b1e4060b5c

SHA256
592ca9f9c04e1cbf1457beb2228a43b30fedf6e7638bf96dbfd233811a6013bd

SHA512
19a0234100a013e5b642a85921782ffc9557a550fbdbcbf5441481bc6bb44a7b8e7953c366565fa36d42a7522d1bc9911f4619f373179d2320562196c9462059

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\PAResources\image\Abbey Road 70s Drums\MST_plugin.png

Filesize
24KB

MD5
6eec03f3c377da3f4de77fe2989d6f01

SHA1
6c02ebc390ff6397f57020b4e3b7338247217b08

SHA256
6aab5b0f180b6d9cc66815786003a73a2e942d422d954c8d1ee7f97f0ca9e8d7

SHA512
17d52b820fb458e49f3430c7c9886135c4e330be9b060f1df5edf5f0cc1e2e83b346cbfee37c8d7910b01a0fe714f0fa4719a275f0ab6990ed633ec6a45df194

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\PAResources\image\Scarbee Vintage Keys\MST_plugin.png

Filesize
16KB

MD5
423bca4d5d56fe95f4f90baf48ccd817

SHA1
626d4d6817e2b2b238efd79120d8eb17dc9aa634

SHA256
f0fe6400b68bee9ab55875fd318e8c25176bd22727ef91cbaf387fe758966be6

SHA512
dcaaa6490594b8d15643651cd8b6c7b720a3b7a7c32183c87bc5adb5f2cef572bd38a49d00f81ec220719aaa45b9c3d999ca1f6464f9c8da3009c70eb04b4cf8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\Presets\Effects\Convolution\09 Medium Rooms\IR Samples\wood room.wav

Filesize
260KB

MD5
e489c65c8984f7ea9d1950626705200c

SHA1
d85ce8e77e617e84c5078783ac062da04ecaa829

SHA256
e834fafe8482f34e0c3269549bafa723fef22f338129bb150b1b0a89ba3b2690

SHA512
dffa5b759219fec5967dabbac53880b9b191a9ff00111c109aaf6cedc674a8a9c53d284fb92a485cb675b5df9a3c5942ccb3f7da738bbb970dadb130447781a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\Presets\Effects\Convolution\12 Reverse Reverbs\IR Samples\CLASS-BND .wav

Filesize
324KB

MD5
8648b18160999f4e9fd7fced93cee36e

SHA1
1d10073394af03a08b740e0871829ca472487515

SHA256
e0d1c2ec04bdfabd9a2c92b600b180e72d480d0ec69fa46d3d661e155b5ce9c4

SHA512
5082113808a89e3cab25c5f07fc9682b48ce2b9a33e811e8339e6dd78077d08e153db07cd96d93dcb7131bd6cbf9288d4073533022028d63a23f53682f258629

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\Presets\Effects\Convolution\12 Reverse Reverbs\IR Samples\slap room.wav

Filesize
99KB

MD5
a38cc697f1018ff4fdc60e2059cc5cfa

SHA1
388d8c6b8b16f12c42c4c0cabaf49598558e2429

SHA256
6d90c8e1bfe9014288e1927659d4fa4a37c26df109aa75ede321302d99e6d034

SHA512
759d562295506276ff04f8dfa1d52a9d200cf12d9cd00a541908761ef100e6c30a5370b447b8db1f6bed0f0b48564379eae2cd9c2b7ccb7a23f6ee15d273a628

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\default\outputs_sta.cfg

Filesize
463B

MD5
25de12b5e458de312ef6e4edebe879ed

SHA1
f3ed46a71116a2bf0cf5e13040eab3a72ca81499

SHA256
2fd3fe2d7dda0e36a533350eb4684635f3c918c828b5d685c57d918bd4d51a22

SHA512
ee53ce7f5d83bfd6387794bf97cfe5772303272749a2d3a9ee96887620fc91743d112d57ecb9f032fa3d14b0b16ade801e3a591a5cabef52c8aff37df7542583

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\groups\Wavetables\Samples\Single Cycles\Vocal\Vocal Mutation 084.wav

Filesize
8KB

MD5
b43e947a30039489d85480bf56dc8f2b

SHA1
3c9705257566ea58cc0e84a8d9b131e047c35f86

SHA256
7e2450d365a45bdf99136222b945d4652d86a86bb377017bb71b0e1271b1cfde

SHA512
d68a16703e71f8ebc0320a250e8411b37c2cd7d6f125bb718879d25a3c00bf8baa5a19c990526c7f0a227d83a7f41bf2e961f51360cb8b9c08683e573caa4b9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\groups\Wavetables\Samples\Single Cycles\Vocal\Vocal Mutation 086.wav

Filesize
8KB

MD5
36c9c9d55a994ad4f8fc2d0ad74ece1d

SHA1
9c397ddde2545fd58a585a177245ca28c7d5a1a4

SHA256
80be0776c781b24fdcdc835492761d6c4d288d9df09a009bbef182883d5a39a0

SHA512
76fae61ad643a46120a3969ed35885bfc1fe078c3d19102cb53186291019e0dac58d8b3e7d31f68386697f3d81a1d708a09ec46c50b528da0d0fde2ac031e6fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_band_master_fx_bg.txt

Filesize
181B

MD5
5f3a441aa69c2c390f2412d0b06efec2

SHA1
dabd04678c915a8dff55edb475dd3e88a02d7d6b

SHA256
699ef59c088bde28d85e308bdb90837387af8aaa27615c22aa04c373c84c8446

SHA512
71b942716fb59b374629ad91bfd7ce9b964332dc3ed8954cc1357e7fcc21e2233d1c784e23891dca05c79e52e05584e3ce31bd5993c501c7cdc1e85070dac42e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_band_master_fx_rev_dropdown_2.txt

Filesize
181B

MD5
95b792e3efc9fd75fed1ecd029be00eb

SHA1
7ee01c55625b82062eb5ee6492bd177b70faeb4d

SHA256
79edc9fe34eec4b1b3e2eafbd1f0f7f004adb388d0d3845d57e6566def0950a2

SHA512
708c21b8a83acfb99bd804e2bdb4a460841a4b53705243960568badbc2622cd123fe445b27d46c3d719f5498bc1fd4648e7a25687f9201a8f19eb6277acf1be1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_band_switch_ring_on_off.txt

Filesize
182B

MD5
097358232a95826ff357a25b33fbd025

SHA1
ca06de0bf49ef78697374aa3cc6e4b1e2b6160c6

SHA256
a7ed710527bcdacc8619f7311d8cb8b3111f994179a9867185cbc8d9be4f6196

SHA512
3ece26f72a2f921eb40afeab2654204695b3affd2917df79ef8acf82d41a436c9a0aae1f2d05e26808703d366d015c947349050fe5b175ef354dc0382d429615

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_global_reverb_animation_small.txt

Filesize
181B

MD5
b4e2f219e8941d75e2756b0f46fce42c

SHA1
21f9c890a8c227db243072cb242df11c63e87374

SHA256
1cd4e042f133078adbd690e4b14e05ebf9b4fb59eb718fa2180c67de963f3d12

SHA512
6200d3b8f4990f89e0e6ebee42c97f508f45ff10405348e4a3573cfc14ee3652999ed11c17978b4db4ce68f01cf239b2df8d02357832c8d3045a1d3b4776f0af

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_orchestral_knob.txt

Filesize
183B

MD5
c639e0c2c042422c171b6241f085aac3

SHA1
af671bc992c5e979ee9a2d465da8e3f183b3d2b9

SHA256
e8d9605702552e009e2a3e5e45cc49ecfa6ab9694724bb0169418a2404bdf175

SHA512
f76a07a8dc1044c048c32cb56421b5059f2661aa1345006fc410567f38146d44f560a547e4a1246ddbc091afd34ea7f98d19eb523fa4c055ff6b03ed10877a9a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_orchestral_options_dropdown.txt

Filesize
183B

MD5
87686eb1a811f7e97521da2d4d2af3ba

SHA1
f56f1fe51c03a0ada6d7870727fcd5beb3cc4f84

SHA256
9290193e691c1f116ff147677429895b779554fd114c6ed18ecccb5545da09b9

SHA512
e72c189d3867612ece86b1a0617feeaa1abceec1edb3b67cda7af8ed6150b9f67f8be6259e40366eec9a6d2b0d554fdbdb35768318f8d4ea6c83e3cd6e4e1568

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_synth_knob_orange.txt

Filesize
184B

MD5
b477928caf750cc82d903251feca1f1f

SHA1
cbf60748548ddcd6a99bdc49be74f57465a85efb

SHA256
3bd5397839ce9da80a186b73511cac00cc7534301f31a29394610307ddf06539

SHA512
dc29e815e57f731d3c467d4ea4c6b2a6efc16d77727778b017147446495d108688931753a4b578ce6e343d1dee839f0b67c1aa24e7202364443aaeda57b81e2e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_urban_loops_ins-send_btn.txt

Filesize
180B

MD5
670fc81e88057b18ecb66df107d0316f

SHA1
87582f925e60becdc8a99da58473dd858744e0d7

SHA256
29242a673b713d552b3233f5f8677ab02b07d33328822973356f23b144e6dc3d

SHA512
01a7273f3d1793d745ec65077db5f8ac1a5419c1e38a38b83b38681ff6b371dadf24b5c52a545e6aca0256d51e73cb0a2964925ef375e3930d6ef09e94c8e7f5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_urban_master_fx_eq_fader.txt

Filesize
183B

MD5
2f6ee366f8cdb3bf4a0816c3343f2b83

SHA1
afc620a11bbddbd079632515bf354f617dca129b

SHA256
32a986a1fa2568dfa7740da38ebc8ec985758cf779d9148acd1bc7bc0ee480c7

SHA512
736311ceab9944bcedff39f86dd98cf04048009f5962957e1b20462b5469b8e7990405f919134b76a389c34a8d732f63fb24c5a0536573a82e023bb98d021165

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_urban_tabs.txt

Filesize
181B

MD5
c1954694dbb90d635d4f7ae5ce1cd627

SHA1
bfaa1304e320b8e0fc41289c5998fa387f42a257

SHA256
729bf74c76e494a828d4c59ca25b9ab007b06849cf0b291843fef4f62303df75

SHA512
43bb0b977614af60342932ec51f456cee3d7afe11b287318de0e93339680091763eded6cd5154b10854d9a7e32fd5ce42dbe49c09160aa5701c7d499757c4475

Download Submit
C:\Users\Admin\AppData\Local\Temp\Kontakt 7\pictures\pv_world_knob_big.txt

Filesize
183B

MD5
e97c5dc6b3c06bd08c84b7f39876146b

SHA1
e247787b4154fe0a397b1dd5d251d32f80733a21

SHA256
3e17602ff4ece20bb51139dac85980e037ce19c5fd6a0ef9775410af144b4eac

SHA512
8213f483c33857d1dec9472830d1e3ef9ffa2d381a81e17c5333e661224863dbf811b1883cb8481908c5476bd877b82b07474c807f57651e2b984871a2b43947

Download Submit