Overview

overview

8

Static

static

3

klkjjk.exe

windows7-x64

8

klkjjk.exe

windows10-2004-x64

8

User tags

Assigned on submission by the user, not by sandbox detections.

Threatview.io Proactive Hunter

Sharing

Copy URL
Twitter E-mail

General

  • Target

    klkjjk.exe.2

  • Size

    3.9MB

  • Sample

    240425-gfm7nagc43

  • MD5

    0d28c308c7d3af1f50a24cd98d59adbe

  • SHA1

    617eb940a77fffe2e8363f9a11430ebb56b4c988

  • SHA256

    f917cbb00490f27691097081db77cc38d0f776d374b2fbd40e4b592eeef578be

  • SHA512

    d71da6edef67bc977ac8564f75cc0e8cdd31c0a9b37253017122f522c4d2f1ece5d8a56642dab40e3d8651ad1d1233ba0a27f78a536ddf897ddd392dbebb5ae8

  • SSDEEP

    49152:/YQ9p/TMILu3UAJvYIJ7PBJw47zI8gFEtYnEZhNa+uOTapp5pP7eoi:DpgQEZPPT4Yj

Score
8/10
microsoftevasionpersistencephishing

Malware Config

Targets

    • Target

      klkjjk.exe.2

    • Size

      3.9MB

    • MD5

      0d28c308c7d3af1f50a24cd98d59adbe

    • SHA1

      617eb940a77fffe2e8363f9a11430ebb56b4c988

    • SHA256

      f917cbb00490f27691097081db77cc38d0f776d374b2fbd40e4b592eeef578be

    • SHA512

      d71da6edef67bc977ac8564f75cc0e8cdd31c0a9b37253017122f522c4d2f1ece5d8a56642dab40e3d8651ad1d1233ba0a27f78a536ddf897ddd392dbebb5ae8

    • SSDEEP

      49152:/YQ9p/TMILu3UAJvYIJ7PBJw47zI8gFEtYnEZhNa+uOTapp5pP7eoi:DpgQEZPPT4Yj

    Score
    8/10
    evasionpersistencemicrosoftphishing

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks