Overview

overview

10

Static

static

10

kdot.ps1

windows7-x64

10

kdot.ps1

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    kdot.ps1

  • Size

    72KB

  • MD5

    4194e66da27810063386d5eb771d07ed

  • SHA1

    12dd1b112d2f4872f87059f9208c9f4d0a3cfd56

  • SHA256

    aba1eb5c5bba875f1f947765c2457fc27e6606c1ce7efbcf725c1ececb870e48

  • SHA512

    c0e5a5c004340bf3ab002a4422a0cf9d774ffae02b7df06cf3c42fa43a78fbd2cec2ea9fa8ca251e73d342d7b50d8ded447ca943779bd2ef7726111f6f3dced2

  • SSDEEP

    1536:58SdVn5ahg5yYp6zdv/5l05Qo8l01zhwZPhZcLrJS7srHX6Cx:58SdVn5Uwiv/5IQo8l01zhw5hUr9KCx

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://hard-arrivals.gl.at.ply.gg:52006/data
exe.dropper

https://github.com/ChildrenOfYahweh/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
exe.dropper

http://ip-api.com/json
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • kdot.ps1
    .ps1