General
Target: Kilogram.exe
Size: 16.2MB
Sample: 240423-y6v4mabe2z
MD5: 415d6c2e6cad1468ffe9dc9e45169d2c
SHA1: c6bde1dc499d33582f81a369386a6f35b050b6b1
SHA256: eb856f3b603839ef320a7223e1479662abfff6da84a289bddf693b299f3ab56d
SHA512: 92c5f3bab9e3df32d1f1dc7f6cb66b33cc578be4de13b80245d216e8a7fbb08ce49efd4e061508e9ee92def98d6a83e565f15cf1d43230bee9b442b187f939dc
SSDEEP: 393216:Wv90+5gDkTh2Jp5MwurEUWjsrz7E5PKk9buK+x:o9PvThidb8z7bkEK+
Behavioral task: behavioral1
Sample: Kilogram.exe
Resource: win10v2004-20240412-en

Behavioral task: behavioral2
Sample: Kilogram.exe
Resource: win10-20240404-en

Behavioral task: behavioral3
Sample: Kilogram.pyc
Resource: win10v2004-20240412-en

Behavioral task: behavioral4
Sample: Kilogram.pyc
Resource: win10-20240404-en
Malware Config
Targets
Target: Kilogram.exe
Drops startup file
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Target: Kilogram.pyc
Size: 45KB
MD5: ad75a5f16493aae89db7464fc99a1fa9
SHA1: 7717e99da0fbf6039a3db22fcc79b7a105917943
SHA256: fb1cbbe9945f0383210d82ec4ac025c96b84a2bd3422a370558e0e1e867f81c8
SHA512: cbfafe03aa84dd5909d09678c57cbbab72c87a19ae41d6bdf280508bce675d3715704fee539406225e36c98c2a3e589655005731804cf241ebe1eb728151ee89
SSDEEP: 768:n9JWujqdLOCdVYORsHAaIi3sjSFY0AJvwm3UYIz67fl+X8EOe2W8DlhLx3V9:n9JWu2dLOeYORuIeqgY0AJJ3G2Dl+svh
Score: 3/10