ba17f6c79ca1b88ef400c2ea683766604000a9c0164963181c25250fefd5bcec | Triage

Submit
Reports

Overview

overview

7

Static

static

1

KMS.exe

windows10-2004-x64

7

Sharing

General

Target

KMS.exe
Size

2.0MB
Sample

240504-nss21ach6v
MD5

4c85602ecd371fba3d45d8ab68fbc19d
SHA1

6100900b5a3e778276fb21eccb1a6e0aec8094b5
SHA256

ba17f6c79ca1b88ef400c2ea683766604000a9c0164963181c25250fefd5bcec
SHA512

4520815639e9c26376b9c1896adcc04497a74e29b7ed611f4d9b6402595684d1a21e6a9f232548dcb439b7c0a3440fd4c8ea55c43c2fd874a32514e278d719b2
SSDEEP

24576:o5UIl0ppFn+PQyOAyEFn/wI1gOpMXePDA9yutbzM1j/gRo7RJVNolK:oR0pPWz/wI1gMVPU9yEM1j/gRGXNqK

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

KMS.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  KMS.exe
- Size
  
  2.0MB
- MD5
  
  4c85602ecd371fba3d45d8ab68fbc19d
- SHA1
  
  6100900b5a3e778276fb21eccb1a6e0aec8094b5
- SHA256
  
  ba17f6c79ca1b88ef400c2ea683766604000a9c0164963181c25250fefd5bcec
- SHA512
  
  4520815639e9c26376b9c1896adcc04497a74e29b7ed611f4d9b6402595684d1a21e6a9f232548dcb439b7c0a3440fd4c8ea55c43c2fd874a32514e278d719b2
- SSDEEP
  
  24576:o5UIl0ppFn+PQyOAyEFn/wI1gOpMXePDA9yutbzM1j/gRo7RJVNolK:oR0pPWz/wI1gMVPU9yEM1j/gRGXNqK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy