Overview

overview

5

Static

static

3

AddOn/Main...On.dll

windows10-2004-x64

1

Documents/KxRun.exe

windows10-2004-x64

3

Documents/...DE.pdf

windows10-2004-x64

1

Documents/...EN.pdf

windows10-2004-x64

1

Documents/...ES.pdf

windows10-2004-x64

1

Documents/...FR.pdf

windows10-2004-x64

1

Documents/...IT.pdf

windows10-2004-x64

1

Documents/...JA.pdf

windows10-2004-x64

1

Documents/...NL.pdf

windows10-2004-x64

1

Documents/...PT.pdf

windows10-2004-x64

1

Documents/...RU.pdf

windows10-2004-x64

1

KMNV.dll

windows10-2004-x64

1

KNV LA/License_DE.rtf

windows10-2004-x64

1

KNV LA/License_EN.rtf

windows10-2004-x64

1

KNV LA/License_ES.rtf

windows10-2004-x64

1

KNV LA/License_FR.rtf

windows10-2004-x64

1

KNV LA/License_IT.rtf

windows10-2004-x64

1

KNV LA/License_JA.rtf

windows10-2004-x64

1

KNV LA/License_KO.rtf

windows10-2004-x64

1

KNV LA/License_NL.rtf

windows10-2004-x64

1

KNV LA/Lic...BR.rtf

windows10-2004-x64

1

KNV LA/License_RU.rtf

windows10-2004-x64

1

KNV LA/Lic...CH.rtf

windows10-2004-x64

1

KNV LA/Lic...CH.rtf

windows10-2004-x64

1

KNV/Netviewer.exe

windows10-2004-x64

3

KmInst32.exe

windows10-2004-x64

1

KmInst64.exe

windows10-2004-x64

1

KmInstall.exe

windows10-2004-x64

5

Readme.html

windows10-2004-x64

1

Readme_j.html

windows10-2004-x64

1

Setup.exe

windows10-2004-x64

1

support/Setup.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    445s
  • max time network
    490s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/06/2024, 18:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup.exe

  • Size

    118KB

  • MD5

    cde821a2559d4803dd1d854a6814d98a

  • SHA1

    c734c8bbd63e413af7e931c98e5e1a6788155fdc

  • SHA256

    eea4b6d89590c8d88ab9e2cfb9186eb3d41d3a72370457f0ec572ee14981fde9

  • SHA512

    c995c9573a444c1815d041df1d425d5735c01a16021db5f58f7a01a3a475a246fad783e66f4d927215da82872bdeaa39c3704174b915f86771e1da5152e3195b

  • SSDEEP

    1536:ifYdx7s/8M7YSm3jH2WoRGnyo+vHmgszE/m0LDNvv1zReoc0xv+Rytk5udIvfDso:iR/8M79m3q1Ne90tvSYv8y+5udifDso

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1384
    • C:\Users\Admin\AppData\Local\Temp\KmInstall.exe
      KmInstall.exe
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:3320
      • C:\Users\Admin\AppData\Local\Temp\KmInst64.exe
        "C:\Users\Admin\AppData\Local\Temp\KmInst64.exe" API 0 KmInst32{AC22B096-BB6C-45EC-BD17-BFA523897BCD}
        3⤵
          PID:4132
        • C:\Users\Admin\AppData\Local\Temp\KmInst64.exe
          "C:\Users\Admin\AppData\Local\Temp\KmInst64.exe" API 0 KmInst32{ED6E7816-BB5F-47B8-B6AA-DFF1B094A4CA}
          3⤵
            PID:5092

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\bin\Netviewer.exe
        Filesize

        1.4MB

        MD5

        001b1c0ab1b83b50f8e0a35905efe3a7

        SHA1

        537cd4c50692fae470e730259afd722656116a54

        SHA256

        3db384f5ae0647ba7fe27b28b1f5b299551dcb911e947577ed1bb7c493595d45

        SHA512

        ec25976f09512745cf4a2d848d846b808a2f2bcc6103d78a62069a55303b6c1e2fa299659d46d692bcc43492bb0a26c4872cac919200347b9b21c21e3ca0bd30

        Download Submit