Overview: 10
Static: 3
[game3rb] ...2P.zip (windows7-x64): 10
[game3rb] ...2P.zip (windows10-2004-x64): 1
KinitoPET....ET.exe (windows7-x64): 1
KinitoPET....ET.exe (windows10-2004-x64): 1
KinitoPET....er.dll (windows7-x64): 1
KinitoPET....er.dll (windows10-2004-x64): 1
KinitoPET....tor.js (windows7-x64): 1
KinitoPET....tor.js (windows10-2004-x64): 1
KinitoPET....tor.js (windows7-x64): 1
KinitoPET....tor.js (windows10-2004-x64): 1
KinitoPET....tor.js (windows7-x64): 1
KinitoPET....tor.js (windows10-2004-x64): 1
KinitoPET....e1.exe (windows7-x64): 7
KinitoPET....e1.exe (windows10-2004-x64): 7
KinitoPET....se.exe (windows7-x64): 1
KinitoPET....se.exe (windows10-2004-x64): 1
KinitoPET....g1.vbs (windows7-x64): 1
KinitoPET....g1.vbs (windows10-2004-x64): 1
KinitoPET....g2.vbs (windows7-x64): 1
KinitoPET....g2.vbs (windows10-2004-x64): 1
KinitoPET....ff.bat (windows7-x64): 1
KinitoPET....ff.bat (windows10-2004-x64): 1
KinitoPET....en.dll (windows7-x64): 1
KinitoPET....en.dll (windows10-2004-x64): 1
KinitoPET....e.html (windows7-x64): 1
KinitoPET....e.html (windows10-2004-x64): 1
KinitoPET....un.vbs (windows7-x64): 1
KinitoPET....un.vbs (windows10-2004-x64): 1
KinitoPET....64.dll (windows7-x64): 1
KinitoPET....64.dll (windows10-2004-x64): 1
KinitoPET.....2.cmd (windows7-x64): 10
KinitoPET.....2.cmd (windows10-2004-x64): 7
General
-
Target
[game3rb] KinitoPET.v1.1.0-P2P.zip
-
Size
652.8MB
-
Sample
240302-q5efgsec53
-
MD5
60b858972360f7dca94eb4540da5282c
-
SHA1
7440eae887d7d80125a4def6a3d84582305148ef
-
SHA256
1079a613057f32e18e2f94db6e6451bb83eff68771297aeb8bc11919085c52a0
-
SHA512
5fcb276bcc88d076e4e7215cb7322beea0433cacfa6e90109665c728971c518e35cd1d3dea0f0b71ea87409d7bb082c06b800e54ddf1d09a3b241739f61137b2
-
SSDEEP
12582912:FsnsVnXrLGSnFywxeZEvsT4Xgosxm7B4L3FOn6xAVLofwtS+hD:FsnsVXrLGSnF7wisMQosc7iPxAVL/E+Z
Behavioral task
behavioral1
Sample
[game3rb] KinitoPET.v1.1.0-P2P.zip
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
[game3rb] KinitoPET.v1.1.0-P2P.zip
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/KinitoPET.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/KinitoPET.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/bin/MonoPosixHelper.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/bin/MonoPosixHelper.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/2.0/DefaultWsdlHelpGenerator.js
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/2.0/DefaultWsdlHelpGenerator.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.0/DefaultWsdlHelpGenerator.js
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.0/DefaultWsdlHelpGenerator.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.5/DefaultWsdlHelpGenerator.js
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.5/DefaultWsdlHelpGenerator.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/e1.exe
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/e1.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/lense/lense.exe
Resource
win7-20240220-en
Behavioral task
behavioral16
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/lense/lense.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg1.vbs
Resource
win7-20240215-en
Behavioral task
behavioral18
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg1.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg2.vbs
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg2.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/off.bat
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/extra/off.bat
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/mono-2.0-sgen.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/mono-2.0-sgen.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/readme.html
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/readme.html
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/run.vbs
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/run.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/steam_api64.dll
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
KinitoPET.v1.1.0-P2P/KinitoPET/steam_api64.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
KinitoPET.v1.1.0-P2P/_CommonRedist/DotNet/4.7/Microsoft .NET Framework 4.7.2.cmd
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
KinitoPET.v1.1.0-P2P/_CommonRedist/DotNet/4.7/Microsoft .NET Framework 4.7.2.cmd
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
[game3rb] KinitoPET.v1.1.0-P2P.zip
-
Size
652.8MB
-
MD5
60b858972360f7dca94eb4540da5282c
-
SHA1
7440eae887d7d80125a4def6a3d84582305148ef
-
SHA256
1079a613057f32e18e2f94db6e6451bb83eff68771297aeb8bc11919085c52a0
-
SHA512
5fcb276bcc88d076e4e7215cb7322beea0433cacfa6e90109665c728971c518e35cd1d3dea0f0b71ea87409d7bb082c06b800e54ddf1d09a3b241739f61137b2
-
SSDEEP
12582912:FsnsVnXrLGSnFywxeZEvsT4Xgosxm7B4L3FOn6xAVLofwtS+hD:FsnsVXrLGSnF7wisMQosc7iPxAVL/E+Z
Score 10/10
-
Modifies firewall policy service
-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as valid.
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/KinitoPET.exe
-
Size
34.1MB
-
MD5
f294bf869a738bfd3d6a7a126448d085
-
SHA1
09d1ad5e8fe20efd1e1065dd7e5d7bbdc4147f90
-
SHA256
b83ccd96153465d6ec45b76586ca5effcff8c1e85a2b64881437e9060d39754a
-
SHA512
284b8cec5097a4160737ec3f2f63774c60a8bb66c05f27b47ee10bc5184ff917a96403fb00a5d59d61340a56457f2653c46fe614a4c908b90e89d79da2295690
-
SSDEEP
786432:cThPAXf3igAkooZdFBX5oYviSEK95FBHU0KWOpEurOJARKcnVmEtQGqYXYaod7rB:cTx
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/bin/MonoPosixHelper.dll
-
Size
1.2MB
-
MD5
f678cd1a7d957907341de91a4bb0cbe0
-
SHA1
92daa14fb9fe752f156c33a2b82f4d58d64baabc
-
SHA256
8684fa088a949d7694a98ff9a8c86d1c3fcbbf3ff3f931210adea32a3a724183
-
SHA512
3c40dbf01b073e05202871fa98f248220479e304a927854554669f7997244112d5c24901ce00d0e13c3cab4cc6ad09e483c18c2e06dcdcf3e14edf5f17bc3745
-
SSDEEP
24576:J134cjWfsThZ1S/8CUyaDGnrYQZBFEGU/XG+LVHZYXB3:8cbT6KDbQZBFEx4XB3
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
-
Size
59KB
-
MD5
f7be9f1841ff92f9d4040aed832e0c79
-
SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae
-
SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
-
SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
-
SSDEEP
768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx
-
Size
59KB
-
MD5
f7be9f1841ff92f9d4040aed832e0c79
-
SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae
-
SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
-
SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
-
SSDEEP
768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/data_KinitoPET/Mono/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx
-
Size
59KB
-
MD5
f7be9f1841ff92f9d4040aed832e0c79
-
SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae
-
SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
-
SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
-
SSDEEP
768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/extra/e1.file
-
Size
5.5MB
-
MD5
259ffd8cae9c794c111de74ee0aa728c
-
SHA1
91c7cc18c08b6abf0b1956bd9db96efc6ded27a1
-
SHA256
c529c8e76c54025f183f2c3b185817b175b8947314ba9b41afd4746f77bab695
-
SHA512
874c013531870b745b4eee9cddcca5c18967252dce37a37053526585c09900cc057bf00fbce8b4f40aa6944433cbdcf4ddfe11898688e5531b87bf5b305da9a6
-
SSDEEP
98304:aB+AB2uW5MI079g+DltLGMY8DI65KiaYGgQ30LJd2UqLjkLqpLj+ZvVuKr:apkL2V76+DXLZy7YM30LzajzpLEVuC
Score 7/10
-
Loads dropped DLL
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/extra/lense/lense.exe
-
Size
36.3MB
-
MD5
c4c309550219eee41f38ebcb089c086f
-
SHA1
20e63cda672287bae4043746d15624dcfcd6f4f1
-
SHA256
4e5fe57fa68b1e1530730a31bfeed8d8365718af2e126db1bf36dccc91db8267
-
SHA512
11597bc644ac6a7bc7dff57dfd8eba38a90520336be70ef275e108d3bac7683344b2c4538896efa97453fe50e80b1294d5a8986099092f905b3c4eb60ef2c052
-
SSDEEP
786432:D1SEK5Ju21htGBE2oX7anXMtQaxZMs9jiZKRe4yvchUKxA3c:DiRoFW+Vsdws
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg1.vbs
-
Size
118B
-
MD5
9eba5abff1b5598a127e3042d8fcaced
-
SHA1
9e2c9ac9086f7bc8d32a783b1adb6ea677507136
-
SHA256
d4a7c95dfd8d0778e2d3a337f7b4febf995995a35bf9ddd53d245cc6c737c316
-
SHA512
a1dc7d7b65635c559323d2f05be8adc4abd30efb69c8a6c29773f7aceb2170a30f2c3e6ecb518ae6d64007b090d1632c1e984a1d5f52a5f542ce25753ada348a
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/extra/msg2.vbs
-
Size
120B
-
MD5
7efd558622ffde2eafa8f9852ac38eb3
-
SHA1
3e6cf648623c07ae3b85f4889c446c06d09601d9
-
SHA256
ccbc09fd41751599be74d5b2267d0e0239aa88e097b875c7040933bb708d10fc
-
SHA512
36d2efaef799470b521216084747ae447adee833d407d853280ea9585afc208b0f919d9ebc502433ceceb0943185fe89d87cfda6eba60b52f6b02b912f56328b
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/extra/off.bat
-
Size
287B
-
MD5
03889252d52ac087c568af4986b50dda
-
SHA1
ea5b819dcf06110180301911bb41ab91c7d29dd6
-
SHA256
672e4954da1ad7dfd19cacc1f41ecf3e9ab4e1d45d8b095f5b23d3bfe568532a
-
SHA512
c8ee7670b0ddc3ed1ba549956dbd411ec21518db49729215b0b6acab1c1cc03ff4d7f053a21afe032c770c75e69ff92175d7b2b623d81d5c2318567256d006b4
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/mono-2.0-sgen.dll
-
Size
5.6MB
-
MD5
f7573b0913c8dab1a01d8d9c6f401da3
-
SHA1
ef806b9117256a67af958ba2bd988d1fe2f5dbc4
-
SHA256
e66cd917265ff98dc1c8a3d49b8f49b98bbcfc56091888af95fdfd8b1ad8231e
-
SHA512
2aece8056411d4f812b769b06d1dcb1b2dad2b30f2d5cb1665d7dd9fac1e320e1f8b8e79ecdadebe4e0c528c2214018500597f66c87c5f9a9dbaf9e3ad91823f
-
SSDEEP
49152:6Kpe/zNI5WMWd7aGd3sx+CL6+LggFyYpo1X5x+GYItcEhbbFbestVfaMFIR+nS8Q:WZsuoFJuhR5eMLmsUltC/iq
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/readme.html
-
Size
16KB
-
MD5
09d5773a99b10ee318828900b99666ed
-
SHA1
2583f6ad18dc86f89eccdb6447825b7c0ae7d240
-
SHA256
c453ce3a95f05eb115364c99a3877fafb81c79e9bce811736bae64b9ba162362
-
SHA512
069b4e38345c48d489e870f65cba5876aff5589ca9a53afd228d6614709afd35ae1c049fad782ecf637e5a63e5480506c0883ee9934d19f224836527c2e393bb
-
SSDEEP
384:DPB8bsFIsFU11soPbNqbTU1vxPg/Q1x+I3bq1lI/TOCO1LX+G/:DJ8bFD1BYTsvx4/Q1x+IL9/Tm+G/
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/run.vbs
-
Size
43B
-
MD5
b63585ddd027f064b5dd38d964cc6b77
-
SHA1
18dae7496a6d0664f492ba1696d13d7b45164d4f
-
SHA256
a0e590277c5cb45d22c6d33202944e33f4e3db30b1e329f49ab8b3dcefbd314e
-
SHA512
580a75875ff3803e57f31408462e1e265da0e5a3b69a03e15506b4bb15ac2df69353164d7cab3b3572f0267696e70b07f9f06f19e7b37b7e1eab88844ad05a26
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/KinitoPET/steam_api64.dll
-
Size
1.7MB
-
MD5
1ef6b373549fb069589c44f3119003a3
-
SHA1
1fb0d1fccd43652e45419f1cfd2472699e52030a
-
SHA256
65259d162a4cb9a57abd214723db0555f1c5c8b65dda828f4a641e2083f70e6c
-
SHA512
824a836f2b1d110a1cbd1b687ca992f6f924c4d7d9e9f79fe55d8f86d39873eff99d2c83340f598551d879eda4cc559a4c35993bc4c8ddf0626bf1907b5276f9
-
SSDEEP
49152:JboJBbAEwCsd/nLCq2fCb73O8qK2J6NA5BJeP6:WEcEdOA2J/h+
Score 1/10
-
-
-
Target
KinitoPET.v1.1.0-P2P/_CommonRedist/DotNet/4.7/Microsoft .NET Framework 4.7.2.cmd
-
Size
142B
-
MD5
ef99b6c5d62c9e6ab34b9a6eb305c8ce
-
SHA1
caeeb86a73217cc51025607f4c84522b9764123b
-
SHA256
485d17282dacbe3b5182c76830d05609371f4718d89b9fba99a34f96bbc521b6
-
SHA512
61fddf3d81aad061c596170b5f873375226659113ea19f0ac1b9582cbcaeeab9e7fec340109faab3967bea298c47adead7ba1d291d5ccfb07d732940512c6337
Score 10/10
-
Modifies firewall policy service
-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as valid.
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Modify Registry: 3
Subvert Trust Controls: 1
SIP and Trust Provider Hijacking: 1