General

  • Target

    output.ps1

  • Size

    79KB

  • MD5

    3eeef2ea61104d3167b1bdd0e44a0343

  • SHA1

    2717fe27b4d338bd2ad8260f5374d8f089b50c64

  • SHA256

    bba4e27b854a40d09ab6b7418fc35b76bc0767dd3df3f87c065d38985d9fd08e

  • SHA512

    165521f4eaa13598f4982615886774f57279ebcc9046334676bee45a806ef980585181df0af25d526d5ec34470a36ea5c1f7fa954a52757b2bfb64ddcc0b08a2

  • SSDEEP

    1536:KhSdVn5ahg5yYpnz1v/5l03wYsVN1zPgZ5lZfLaJcVFjaKw2e/+n82:KhSdVn5UwBv/5ywYsVN1zPgHlNaJcVFb

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source and URLs

    ps1.dropper  https://raw.githubusercontent.com/Somali-Devs/Kematian-Stealer/main/frontend-src/injection.js
    exe.dropper  https://discord.com/api/webhooks/1238224693027278929/TyZFqkCkT7chbldoUX-7hPCbC1D9MyjuOfKMUzjEmDyEUyKNZcL8qiNZ-VFz-akarx8c
    exe.dropper  https://i.imgur.com/DOIYOtp.gif
    exe.dropper  https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
    exe.dropper  https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
    exe.dropper  http://ip-api.com/json
    exe.dropper  https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
    exe.dropper  https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • output.ps1
    .ps1